]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/unit.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
core: rework how we track service and scope PIDs
[thirdparty/systemd.git] / src / core / unit.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6 ***/
7
8 #include <errno.h>
9 #include <stdlib.h>
10 #include <string.h>
11 #include <sys/prctl.h>
12 #include <sys/stat.h>
13 #include <unistd.h>
14
15 #include "sd-id128.h"
16 #include "sd-messages.h"
17
18 #include "alloc-util.h"
19 #include "all-units.h"
20 #include "bus-common-errors.h"
21 #include "bus-util.h"
22 #include "cgroup-util.h"
23 #include "dbus-unit.h"
24 #include "dbus.h"
25 #include "dropin.h"
26 #include "escape.h"
27 #include "execute.h"
28 #include "fd-util.h"
29 #include "fileio-label.h"
30 #include "format-util.h"
31 #include "fs-util.h"
32 #include "id128-util.h"
33 #include "io-util.h"
34 #include "load-dropin.h"
35 #include "load-fragment.h"
36 #include "log.h"
37 #include "macro.h"
38 #include "missing.h"
39 #include "mkdir.h"
40 #include "parse-util.h"
41 #include "path-util.h"
42 #include "process-util.h"
43 #include "set.h"
44 #include "signal-util.h"
45 #include "sparse-endian.h"
46 #include "special.h"
47 #include "specifier.h"
48 #include "stat-util.h"
49 #include "stdio-util.h"
50 #include "string-table.h"
51 #include "string-util.h"
52 #include "strv.h"
53 #include "umask-util.h"
54 #include "unit-name.h"
55 #include "unit.h"
56 #include "user-util.h"
57 #include "virt.h"
58
59 const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
60 [UNIT_SERVICE] = &service_vtable,
61 [UNIT_SOCKET] = &socket_vtable,
62 [UNIT_TARGET] = &target_vtable,
63 [UNIT_DEVICE] = &device_vtable,
64 [UNIT_MOUNT] = &mount_vtable,
65 [UNIT_AUTOMOUNT] = &automount_vtable,
66 [UNIT_SWAP] = &swap_vtable,
67 [UNIT_TIMER] = &timer_vtable,
68 [UNIT_PATH] = &path_vtable,
69 [UNIT_SLICE] = &slice_vtable,
70 [UNIT_SCOPE] = &scope_vtable,
71 };
72
73 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency);
74
75 Unit *unit_new(Manager *m, size_t size) {
76 Unit *u;
77
78 assert(m);
79 assert(size >= sizeof(Unit));
80
81 u = malloc0(size);
82 if (!u)
83 return NULL;
84
85 u->names = set_new(&string_hash_ops);
86 if (!u->names)
87 return mfree(u);
88
89 u->manager = m;
90 u->type = _UNIT_TYPE_INVALID;
91 u->default_dependencies = true;
92 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
93 u->unit_file_preset = -1;
94 u->on_failure_job_mode = JOB_REPLACE;
95 u->cgroup_inotify_wd = -1;
96 u->job_timeout = USEC_INFINITY;
97 u->job_running_timeout = USEC_INFINITY;
98 u->ref_uid = UID_INVALID;
99 u->ref_gid = GID_INVALID;
100 u->cpu_usage_last = NSEC_INFINITY;
101 u->cgroup_bpf_state = UNIT_CGROUP_BPF_INVALIDATED;
102
103 u->ip_accounting_ingress_map_fd = -1;
104 u->ip_accounting_egress_map_fd = -1;
105 u->ipv4_allow_map_fd = -1;
106 u->ipv6_allow_map_fd = -1;
107 u->ipv4_deny_map_fd = -1;
108 u->ipv6_deny_map_fd = -1;
109
110 u->last_section_private = -1;
111
112 RATELIMIT_INIT(u->start_limit, m->default_start_limit_interval, m->default_start_limit_burst);
113 RATELIMIT_INIT(u->auto_stop_ratelimit, 10 * USEC_PER_SEC, 16);
114
115 return u;
116 }
117
118 int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
119 _cleanup_(unit_freep) Unit *u = NULL;
120 int r;
121
122 u = unit_new(m, size);
123 if (!u)
124 return -ENOMEM;
125
126 r = unit_add_name(u, name);
127 if (r < 0)
128 return r;
129
130 *ret = TAKE_PTR(u);
131
132 return r;
133 }
134
135 bool unit_has_name(Unit *u, const char *name) {
136 assert(u);
137 assert(name);
138
139 return set_contains(u->names, (char*) name);
140 }
141
142 static void unit_init(Unit *u) {
143 CGroupContext *cc;
144 ExecContext *ec;
145 KillContext *kc;
146
147 assert(u);
148 assert(u->manager);
149 assert(u->type >= 0);
150
151 cc = unit_get_cgroup_context(u);
152 if (cc) {
153 cgroup_context_init(cc);
154
155 /* Copy in the manager defaults into the cgroup
156 * context, _before_ the rest of the settings have
157 * been initialized */
158
159 cc->cpu_accounting = u->manager->default_cpu_accounting;
160 cc->io_accounting = u->manager->default_io_accounting;
161 cc->ip_accounting = u->manager->default_ip_accounting;
162 cc->blockio_accounting = u->manager->default_blockio_accounting;
163 cc->memory_accounting = u->manager->default_memory_accounting;
164 cc->tasks_accounting = u->manager->default_tasks_accounting;
165 cc->ip_accounting = u->manager->default_ip_accounting;
166
167 if (u->type != UNIT_SLICE)
168 cc->tasks_max = u->manager->default_tasks_max;
169 }
170
171 ec = unit_get_exec_context(u);
172 if (ec) {
173 exec_context_init(ec);
174
175 ec->keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
176 EXEC_KEYRING_SHARED : EXEC_KEYRING_INHERIT;
177 }
178
179 kc = unit_get_kill_context(u);
180 if (kc)
181 kill_context_init(kc);
182
183 if (UNIT_VTABLE(u)->init)
184 UNIT_VTABLE(u)->init(u);
185 }
186
187 int unit_add_name(Unit *u, const char *text) {
188 _cleanup_free_ char *s = NULL, *i = NULL;
189 UnitType t;
190 int r;
191
192 assert(u);
193 assert(text);
194
195 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
196
197 if (!u->instance)
198 return -EINVAL;
199
200 r = unit_name_replace_instance(text, u->instance, &s);
201 if (r < 0)
202 return r;
203 } else {
204 s = strdup(text);
205 if (!s)
206 return -ENOMEM;
207 }
208
209 if (set_contains(u->names, s))
210 return 0;
211 if (hashmap_contains(u->manager->units, s))
212 return -EEXIST;
213
214 if (!unit_name_is_valid(s, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
215 return -EINVAL;
216
217 t = unit_name_to_type(s);
218 if (t < 0)
219 return -EINVAL;
220
221 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
222 return -EINVAL;
223
224 r = unit_name_to_instance(s, &i);
225 if (r < 0)
226 return r;
227
228 if (i && !unit_type_may_template(t))
229 return -EINVAL;
230
231 /* Ensure that this unit is either instanced or not instanced,
232 * but not both. Note that we do allow names with different
233 * instance names however! */
234 if (u->type != _UNIT_TYPE_INVALID && !u->instance != !i)
235 return -EINVAL;
236
237 if (!unit_type_may_alias(t) && !set_isempty(u->names))
238 return -EEXIST;
239
240 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
241 return -E2BIG;
242
243 r = set_put(u->names, s);
244 if (r < 0)
245 return r;
246 assert(r > 0);
247
248 r = hashmap_put(u->manager->units, s, u);
249 if (r < 0) {
250 (void) set_remove(u->names, s);
251 return r;
252 }
253
254 if (u->type == _UNIT_TYPE_INVALID) {
255 u->type = t;
256 u->id = s;
257 u->instance = TAKE_PTR(i);
258
259 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
260
261 unit_init(u);
262 }
263
264 s = NULL;
265
266 unit_add_to_dbus_queue(u);
267 return 0;
268 }
269
270 int unit_choose_id(Unit *u, const char *name) {
271 _cleanup_free_ char *t = NULL;
272 char *s, *i;
273 int r;
274
275 assert(u);
276 assert(name);
277
278 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
279
280 if (!u->instance)
281 return -EINVAL;
282
283 r = unit_name_replace_instance(name, u->instance, &t);
284 if (r < 0)
285 return r;
286
287 name = t;
288 }
289
290 /* Selects one of the names of this unit as the id */
291 s = set_get(u->names, (char*) name);
292 if (!s)
293 return -ENOENT;
294
295 /* Determine the new instance from the new id */
296 r = unit_name_to_instance(s, &i);
297 if (r < 0)
298 return r;
299
300 u->id = s;
301
302 free(u->instance);
303 u->instance = i;
304
305 unit_add_to_dbus_queue(u);
306
307 return 0;
308 }
309
310 int unit_set_description(Unit *u, const char *description) {
311 int r;
312
313 assert(u);
314
315 r = free_and_strdup(&u->description, empty_to_null(description));
316 if (r < 0)
317 return r;
318 if (r > 0)
319 unit_add_to_dbus_queue(u);
320
321 return 0;
322 }
323
324 bool unit_may_gc(Unit *u) {
325 UnitActiveState state;
326 int r;
327
328 assert(u);
329
330 /* Checks whether the unit is ready to be unloaded for garbage collection.
331 * Returns true when the unit may be collected, and false if there's some
332 * reason to keep it loaded.
333 *
334 * References from other units are *not* checked here. Instead, this is done
335 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
336 */
337
338 if (u->job)
339 return false;
340
341 if (u->nop_job)
342 return false;
343
344 state = unit_active_state(u);
345
346 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
347 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
348 UNIT_VTABLE(u)->release_resources)
349 UNIT_VTABLE(u)->release_resources(u);
350
351 if (u->perpetual)
352 return false;
353
354 if (sd_bus_track_count(u->bus_track) > 0)
355 return false;
356
357 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
358 switch (u->collect_mode) {
359
360 case COLLECT_INACTIVE:
361 if (state != UNIT_INACTIVE)
362 return false;
363
364 break;
365
366 case COLLECT_INACTIVE_OR_FAILED:
367 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
368 return false;
369
370 break;
371
372 default:
373 assert_not_reached("Unknown garbage collection mode");
374 }
375
376 if (u->cgroup_path) {
377 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
378 * around. Units with active processes should never be collected. */
379
380 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
381 if (r < 0)
382 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path);
383 if (r <= 0)
384 return false;
385 }
386
387 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
388 return false;
389
390 return true;
391 }
392
393 void unit_add_to_load_queue(Unit *u) {
394 assert(u);
395 assert(u->type != _UNIT_TYPE_INVALID);
396
397 if (u->load_state != UNIT_STUB || u->in_load_queue)
398 return;
399
400 LIST_PREPEND(load_queue, u->manager->load_queue, u);
401 u->in_load_queue = true;
402 }
403
404 void unit_add_to_cleanup_queue(Unit *u) {
405 assert(u);
406
407 if (u->in_cleanup_queue)
408 return;
409
410 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
411 u->in_cleanup_queue = true;
412 }
413
414 void unit_add_to_gc_queue(Unit *u) {
415 assert(u);
416
417 if (u->in_gc_queue || u->in_cleanup_queue)
418 return;
419
420 if (!unit_may_gc(u))
421 return;
422
423 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
424 u->in_gc_queue = true;
425 }
426
427 void unit_add_to_dbus_queue(Unit *u) {
428 assert(u);
429 assert(u->type != _UNIT_TYPE_INVALID);
430
431 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
432 return;
433
434 /* Shortcut things if nobody cares */
435 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
436 sd_bus_track_count(u->bus_track) <= 0 &&
437 set_isempty(u->manager->private_buses)) {
438 u->sent_dbus_new_signal = true;
439 return;
440 }
441
442 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
443 u->in_dbus_queue = true;
444 }
445
446 static void bidi_set_free(Unit *u, Hashmap *h) {
447 Unit *other;
448 Iterator i;
449 void *v;
450
451 assert(u);
452
453 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
454
455 HASHMAP_FOREACH_KEY(v, other, h, i) {
456 UnitDependency d;
457
458 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
459 hashmap_remove(other->dependencies[d], u);
460
461 unit_add_to_gc_queue(other);
462 }
463
464 hashmap_free(h);
465 }
466
467 static void unit_remove_transient(Unit *u) {
468 char **i;
469
470 assert(u);
471
472 if (!u->transient)
473 return;
474
475 if (u->fragment_path)
476 (void) unlink(u->fragment_path);
477
478 STRV_FOREACH(i, u->dropin_paths) {
479 _cleanup_free_ char *p = NULL, *pp = NULL;
480
481 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
482 if (!p)
483 continue;
484
485 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
486 if (!pp)
487 continue;
488
489 /* Only drop transient drop-ins */
490 if (!path_equal(u->manager->lookup_paths.transient, pp))
491 continue;
492
493 (void) unlink(*i);
494 (void) rmdir(p);
495 }
496 }
497
498 static void unit_free_requires_mounts_for(Unit *u) {
499 assert(u);
500
501 for (;;) {
502 _cleanup_free_ char *path;
503
504 path = hashmap_steal_first_key(u->requires_mounts_for);
505 if (!path)
506 break;
507 else {
508 char s[strlen(path) + 1];
509
510 PATH_FOREACH_PREFIX_MORE(s, path) {
511 char *y;
512 Set *x;
513
514 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
515 if (!x)
516 continue;
517
518 (void) set_remove(x, u);
519
520 if (set_isempty(x)) {
521 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
522 free(y);
523 set_free(x);
524 }
525 }
526 }
527 }
528
529 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
530 }
531
532 static void unit_done(Unit *u) {
533 ExecContext *ec;
534 CGroupContext *cc;
535
536 assert(u);
537
538 if (u->type < 0)
539 return;
540
541 if (UNIT_VTABLE(u)->done)
542 UNIT_VTABLE(u)->done(u);
543
544 ec = unit_get_exec_context(u);
545 if (ec)
546 exec_context_done(ec);
547
548 cc = unit_get_cgroup_context(u);
549 if (cc)
550 cgroup_context_done(cc);
551 }
552
553 void unit_free(Unit *u) {
554 UnitDependency d;
555 Iterator i;
556 char *t;
557
558 if (!u)
559 return;
560
561 u->transient_file = safe_fclose(u->transient_file);
562
563 if (!MANAGER_IS_RELOADING(u->manager))
564 unit_remove_transient(u);
565
566 bus_unit_send_removed_signal(u);
567
568 unit_done(u);
569
570 unit_dequeue_rewatch_pids(u);
571
572 sd_bus_slot_unref(u->match_bus_slot);
573 sd_bus_track_unref(u->bus_track);
574 u->deserialized_refs = strv_free(u->deserialized_refs);
575
576 unit_free_requires_mounts_for(u);
577
578 SET_FOREACH(t, u->names, i)
579 hashmap_remove_value(u->manager->units, t, u);
580
581 if (!sd_id128_is_null(u->invocation_id))
582 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
583
584 if (u->job) {
585 Job *j = u->job;
586 job_uninstall(j);
587 job_free(j);
588 }
589
590 if (u->nop_job) {
591 Job *j = u->nop_job;
592 job_uninstall(j);
593 job_free(j);
594 }
595
596 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
597 bidi_set_free(u, u->dependencies[d]);
598
599 if (u->on_console)
600 manager_unref_console(u->manager);
601
602 unit_release_cgroup(u);
603
604 if (!MANAGER_IS_RELOADING(u->manager))
605 unit_unlink_state_files(u);
606
607 unit_unref_uid_gid(u, false);
608
609 (void) manager_update_failed_units(u->manager, u, false);
610 set_remove(u->manager->startup_units, u);
611
612 unit_unwatch_all_pids(u);
613
614 unit_ref_unset(&u->slice);
615 while (u->refs_by_target)
616 unit_ref_unset(u->refs_by_target);
617
618 if (u->type != _UNIT_TYPE_INVALID)
619 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
620
621 if (u->in_load_queue)
622 LIST_REMOVE(load_queue, u->manager->load_queue, u);
623
624 if (u->in_dbus_queue)
625 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
626
627 if (u->in_gc_queue)
628 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
629
630 if (u->in_cgroup_realize_queue)
631 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
632
633 if (u->in_cgroup_empty_queue)
634 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
635
636 if (u->in_cleanup_queue)
637 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
638
639 if (u->in_target_deps_queue)
640 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
641
642 safe_close(u->ip_accounting_ingress_map_fd);
643 safe_close(u->ip_accounting_egress_map_fd);
644
645 safe_close(u->ipv4_allow_map_fd);
646 safe_close(u->ipv6_allow_map_fd);
647 safe_close(u->ipv4_deny_map_fd);
648 safe_close(u->ipv6_deny_map_fd);
649
650 bpf_program_unref(u->ip_bpf_ingress);
651 bpf_program_unref(u->ip_bpf_ingress_installed);
652 bpf_program_unref(u->ip_bpf_egress);
653 bpf_program_unref(u->ip_bpf_egress_installed);
654
655 condition_free_list(u->conditions);
656 condition_free_list(u->asserts);
657
658 free(u->description);
659 strv_free(u->documentation);
660 free(u->fragment_path);
661 free(u->source_path);
662 strv_free(u->dropin_paths);
663 free(u->instance);
664
665 free(u->job_timeout_reboot_arg);
666
667 set_free_free(u->names);
668
669 free(u->reboot_arg);
670
671 free(u);
672 }
673
674 UnitActiveState unit_active_state(Unit *u) {
675 assert(u);
676
677 if (u->load_state == UNIT_MERGED)
678 return unit_active_state(unit_follow_merge(u));
679
680 /* After a reload it might happen that a unit is not correctly
681 * loaded but still has a process around. That's why we won't
682 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
683
684 return UNIT_VTABLE(u)->active_state(u);
685 }
686
687 const char* unit_sub_state_to_string(Unit *u) {
688 assert(u);
689
690 return UNIT_VTABLE(u)->sub_state_to_string(u);
691 }
692
693 static int set_complete_move(Set **s, Set **other) {
694 assert(s);
695 assert(other);
696
697 if (!other)
698 return 0;
699
700 if (*s)
701 return set_move(*s, *other);
702 else
703 *s = TAKE_PTR(*other);
704
705 return 0;
706 }
707
708 static int hashmap_complete_move(Hashmap **s, Hashmap **other) {
709 assert(s);
710 assert(other);
711
712 if (!*other)
713 return 0;
714
715 if (*s)
716 return hashmap_move(*s, *other);
717 else
718 *s = TAKE_PTR(*other);
719
720 return 0;
721 }
722
723 static int merge_names(Unit *u, Unit *other) {
724 char *t;
725 Iterator i;
726 int r;
727
728 assert(u);
729 assert(other);
730
731 r = set_complete_move(&u->names, &other->names);
732 if (r < 0)
733 return r;
734
735 set_free_free(other->names);
736 other->names = NULL;
737 other->id = NULL;
738
739 SET_FOREACH(t, u->names, i)
740 assert_se(hashmap_replace(u->manager->units, t, u) == 0);
741
742 return 0;
743 }
744
745 static int reserve_dependencies(Unit *u, Unit *other, UnitDependency d) {
746 unsigned n_reserve;
747
748 assert(u);
749 assert(other);
750 assert(d < _UNIT_DEPENDENCY_MAX);
751
752 /*
753 * If u does not have this dependency set allocated, there is no need
754 * to reserve anything. In that case other's set will be transferred
755 * as a whole to u by complete_move().
756 */
757 if (!u->dependencies[d])
758 return 0;
759
760 /* merge_dependencies() will skip a u-on-u dependency */
761 n_reserve = hashmap_size(other->dependencies[d]) - !!hashmap_get(other->dependencies[d], u);
762
763 return hashmap_reserve(u->dependencies[d], n_reserve);
764 }
765
766 static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitDependency d) {
767 Iterator i;
768 Unit *back;
769 void *v;
770 int r;
771
772 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
773
774 assert(u);
775 assert(other);
776 assert(d < _UNIT_DEPENDENCY_MAX);
777
778 /* Fix backwards pointers. Let's iterate through all dependendent units of the other unit. */
779 HASHMAP_FOREACH_KEY(v, back, other->dependencies[d], i) {
780 UnitDependency k;
781
782 /* Let's now iterate through the dependencies of that dependencies of the other units, looking for
783 * pointers back, and let's fix them up, to instead point to 'u'. */
784
785 for (k = 0; k < _UNIT_DEPENDENCY_MAX; k++) {
786 if (back == u) {
787 /* Do not add dependencies between u and itself. */
788 if (hashmap_remove(back->dependencies[k], other))
789 maybe_warn_about_dependency(u, other_id, k);
790 } else {
791 UnitDependencyInfo di_u, di_other, di_merged;
792
793 /* Let's drop this dependency between "back" and "other", and let's create it between
794 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
795 * and any such dependency which might already exist */
796
797 di_other.data = hashmap_get(back->dependencies[k], other);
798 if (!di_other.data)
799 continue; /* dependency isn't set, let's try the next one */
800
801 di_u.data = hashmap_get(back->dependencies[k], u);
802
803 di_merged = (UnitDependencyInfo) {
804 .origin_mask = di_u.origin_mask | di_other.origin_mask,
805 .destination_mask = di_u.destination_mask | di_other.destination_mask,
806 };
807
808 r = hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data);
809 if (r < 0)
810 log_warning_errno(r, "Failed to remove/replace: back=%s other=%s u=%s: %m", back->id, other_id, u->id);
811 assert(r >= 0);
812
813 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
814 }
815 }
816
817 }
818
819 /* Also do not move dependencies on u to itself */
820 back = hashmap_remove(other->dependencies[d], u);
821 if (back)
822 maybe_warn_about_dependency(u, other_id, d);
823
824 /* The move cannot fail. The caller must have performed a reservation. */
825 assert_se(hashmap_complete_move(&u->dependencies[d], &other->dependencies[d]) == 0);
826
827 other->dependencies[d] = hashmap_free(other->dependencies[d]);
828 }
829
830 int unit_merge(Unit *u, Unit *other) {
831 UnitDependency d;
832 const char *other_id = NULL;
833 int r;
834
835 assert(u);
836 assert(other);
837 assert(u->manager == other->manager);
838 assert(u->type != _UNIT_TYPE_INVALID);
839
840 other = unit_follow_merge(other);
841
842 if (other == u)
843 return 0;
844
845 if (u->type != other->type)
846 return -EINVAL;
847
848 if (!u->instance != !other->instance)
849 return -EINVAL;
850
851 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
852 return -EEXIST;
853
854 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
855 return -EEXIST;
856
857 if (other->job)
858 return -EEXIST;
859
860 if (other->nop_job)
861 return -EEXIST;
862
863 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
864 return -EEXIST;
865
866 if (other->id)
867 other_id = strdupa(other->id);
868
869 /* Make reservations to ensure merge_dependencies() won't fail */
870 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
871 r = reserve_dependencies(u, other, d);
872 /*
873 * We don't rollback reservations if we fail. We don't have
874 * a way to undo reservations. A reservation is not a leak.
875 */
876 if (r < 0)
877 return r;
878 }
879
880 /* Merge names */
881 r = merge_names(u, other);
882 if (r < 0)
883 return r;
884
885 /* Redirect all references */
886 while (other->refs_by_target)
887 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
888
889 /* Merge dependencies */
890 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
891 merge_dependencies(u, other, other_id, d);
892
893 other->load_state = UNIT_MERGED;
894 other->merged_into = u;
895
896 /* If there is still some data attached to the other node, we
897 * don't need it anymore, and can free it. */
898 if (other->load_state != UNIT_STUB)
899 if (UNIT_VTABLE(other)->done)
900 UNIT_VTABLE(other)->done(other);
901
902 unit_add_to_dbus_queue(u);
903 unit_add_to_cleanup_queue(other);
904
905 return 0;
906 }
907
908 int unit_merge_by_name(Unit *u, const char *name) {
909 _cleanup_free_ char *s = NULL;
910 Unit *other;
911 int r;
912
913 assert(u);
914 assert(name);
915
916 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
917 if (!u->instance)
918 return -EINVAL;
919
920 r = unit_name_replace_instance(name, u->instance, &s);
921 if (r < 0)
922 return r;
923
924 name = s;
925 }
926
927 other = manager_get_unit(u->manager, name);
928 if (other)
929 return unit_merge(u, other);
930
931 return unit_add_name(u, name);
932 }
933
934 Unit* unit_follow_merge(Unit *u) {
935 assert(u);
936
937 while (u->load_state == UNIT_MERGED)
938 assert_se(u = u->merged_into);
939
940 return u;
941 }
942
943 int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
944 ExecDirectoryType dt;
945 char **dp;
946 int r;
947
948 assert(u);
949 assert(c);
950
951 if (c->working_directory) {
952 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
953 if (r < 0)
954 return r;
955 }
956
957 if (c->root_directory) {
958 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
959 if (r < 0)
960 return r;
961 }
962
963 if (c->root_image) {
964 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
965 if (r < 0)
966 return r;
967 }
968
969 for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
970 if (!u->manager->prefix[dt])
971 continue;
972
973 STRV_FOREACH(dp, c->directories[dt].paths) {
974 _cleanup_free_ char *p;
975
976 p = strjoin(u->manager->prefix[dt], "/", *dp);
977 if (!p)
978 return -ENOMEM;
979
980 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
981 if (r < 0)
982 return r;
983 }
984 }
985
986 if (!MANAGER_IS_SYSTEM(u->manager))
987 return 0;
988
989 if (c->private_tmp) {
990 const char *p;
991
992 FOREACH_STRING(p, "/tmp", "/var/tmp") {
993 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
994 if (r < 0)
995 return r;
996 }
997
998 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, NULL, true, UNIT_DEPENDENCY_FILE);
999 if (r < 0)
1000 return r;
1001 }
1002
1003 if (!IN_SET(c->std_output,
1004 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1005 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1006 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE) &&
1007 !IN_SET(c->std_error,
1008 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1009 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1010 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE))
1011 return 0;
1012
1013 /* If syslog or kernel logging is requested, make sure our own
1014 * logging daemon is run first. */
1015
1016 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, NULL, true, UNIT_DEPENDENCY_FILE);
1017 if (r < 0)
1018 return r;
1019
1020 return 0;
1021 }
1022
1023 const char *unit_description(Unit *u) {
1024 assert(u);
1025
1026 if (u->description)
1027 return u->description;
1028
1029 return strna(u->id);
1030 }
1031
1032 static void print_unit_dependency_mask(FILE *f, const char *kind, UnitDependencyMask mask, bool *space) {
1033 const struct {
1034 UnitDependencyMask mask;
1035 const char *name;
1036 } table[] = {
1037 { UNIT_DEPENDENCY_FILE, "file" },
1038 { UNIT_DEPENDENCY_IMPLICIT, "implicit" },
1039 { UNIT_DEPENDENCY_DEFAULT, "default" },
1040 { UNIT_DEPENDENCY_UDEV, "udev" },
1041 { UNIT_DEPENDENCY_PATH, "path" },
1042 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT, "mountinfo-implicit" },
1043 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT, "mountinfo-default" },
1044 { UNIT_DEPENDENCY_PROC_SWAP, "proc-swap" },
1045 };
1046 size_t i;
1047
1048 assert(f);
1049 assert(kind);
1050 assert(space);
1051
1052 for (i = 0; i < ELEMENTSOF(table); i++) {
1053
1054 if (mask == 0)
1055 break;
1056
1057 if (FLAGS_SET(mask, table[i].mask)) {
1058 if (*space)
1059 fputc(' ', f);
1060 else
1061 *space = true;
1062
1063 fputs(kind, f);
1064 fputs("-", f);
1065 fputs(table[i].name, f);
1066
1067 mask &= ~table[i].mask;
1068 }
1069 }
1070
1071 assert(mask == 0);
1072 }
1073
1074 void unit_dump(Unit *u, FILE *f, const char *prefix) {
1075 char *t, **j;
1076 UnitDependency d;
1077 Iterator i;
1078 const char *prefix2;
1079 char
1080 timestamp0[FORMAT_TIMESTAMP_MAX],
1081 timestamp1[FORMAT_TIMESTAMP_MAX],
1082 timestamp2[FORMAT_TIMESTAMP_MAX],
1083 timestamp3[FORMAT_TIMESTAMP_MAX],
1084 timestamp4[FORMAT_TIMESTAMP_MAX],
1085 timespan[FORMAT_TIMESPAN_MAX];
1086 Unit *following;
1087 _cleanup_set_free_ Set *following_set = NULL;
1088 const char *n;
1089 CGroupMask m;
1090 int r;
1091
1092 assert(u);
1093 assert(u->type >= 0);
1094
1095 prefix = strempty(prefix);
1096 prefix2 = strjoina(prefix, "\t");
1097
1098 fprintf(f,
1099 "%s-> Unit %s:\n"
1100 "%s\tDescription: %s\n"
1101 "%s\tInstance: %s\n"
1102 "%s\tUnit Load State: %s\n"
1103 "%s\tUnit Active State: %s\n"
1104 "%s\tState Change Timestamp: %s\n"
1105 "%s\tInactive Exit Timestamp: %s\n"
1106 "%s\tActive Enter Timestamp: %s\n"
1107 "%s\tActive Exit Timestamp: %s\n"
1108 "%s\tInactive Enter Timestamp: %s\n"
1109 "%s\tMay GC: %s\n"
1110 "%s\tNeed Daemon Reload: %s\n"
1111 "%s\tTransient: %s\n"
1112 "%s\tPerpetual: %s\n"
1113 "%s\tGarbage Collection Mode: %s\n"
1114 "%s\tSlice: %s\n"
1115 "%s\tCGroup: %s\n"
1116 "%s\tCGroup realized: %s\n",
1117 prefix, u->id,
1118 prefix, unit_description(u),
1119 prefix, strna(u->instance),
1120 prefix, unit_load_state_to_string(u->load_state),
1121 prefix, unit_active_state_to_string(unit_active_state(u)),
1122 prefix, strna(format_timestamp(timestamp0, sizeof(timestamp0), u->state_change_timestamp.realtime)),
1123 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->inactive_exit_timestamp.realtime)),
1124 prefix, strna(format_timestamp(timestamp2, sizeof(timestamp2), u->active_enter_timestamp.realtime)),
1125 prefix, strna(format_timestamp(timestamp3, sizeof(timestamp3), u->active_exit_timestamp.realtime)),
1126 prefix, strna(format_timestamp(timestamp4, sizeof(timestamp4), u->inactive_enter_timestamp.realtime)),
1127 prefix, yes_no(unit_may_gc(u)),
1128 prefix, yes_no(unit_need_daemon_reload(u)),
1129 prefix, yes_no(u->transient),
1130 prefix, yes_no(u->perpetual),
1131 prefix, collect_mode_to_string(u->collect_mode),
1132 prefix, strna(unit_slice_name(u)),
1133 prefix, strna(u->cgroup_path),
1134 prefix, yes_no(u->cgroup_realized));
1135
1136 if (u->cgroup_realized_mask != 0) {
1137 _cleanup_free_ char *s = NULL;
1138 (void) cg_mask_to_string(u->cgroup_realized_mask, &s);
1139 fprintf(f, "%s\tCGroup realized mask: %s\n", prefix, strnull(s));
1140 }
1141 if (u->cgroup_enabled_mask != 0) {
1142 _cleanup_free_ char *s = NULL;
1143 (void) cg_mask_to_string(u->cgroup_enabled_mask, &s);
1144 fprintf(f, "%s\tCGroup enabled mask: %s\n", prefix, strnull(s));
1145 }
1146 m = unit_get_own_mask(u);
1147 if (m != 0) {
1148 _cleanup_free_ char *s = NULL;
1149 (void) cg_mask_to_string(m, &s);
1150 fprintf(f, "%s\tCGroup own mask: %s\n", prefix, strnull(s));
1151 }
1152 m = unit_get_members_mask(u);
1153 if (m != 0) {
1154 _cleanup_free_ char *s = NULL;
1155 (void) cg_mask_to_string(m, &s);
1156 fprintf(f, "%s\tCGroup members mask: %s\n", prefix, strnull(s));
1157 }
1158
1159 SET_FOREACH(t, u->names, i)
1160 fprintf(f, "%s\tName: %s\n", prefix, t);
1161
1162 if (!sd_id128_is_null(u->invocation_id))
1163 fprintf(f, "%s\tInvocation ID: " SD_ID128_FORMAT_STR "\n",
1164 prefix, SD_ID128_FORMAT_VAL(u->invocation_id));
1165
1166 STRV_FOREACH(j, u->documentation)
1167 fprintf(f, "%s\tDocumentation: %s\n", prefix, *j);
1168
1169 following = unit_following(u);
1170 if (following)
1171 fprintf(f, "%s\tFollowing: %s\n", prefix, following->id);
1172
1173 r = unit_following_set(u, &following_set);
1174 if (r >= 0) {
1175 Unit *other;
1176
1177 SET_FOREACH(other, following_set, i)
1178 fprintf(f, "%s\tFollowing Set Member: %s\n", prefix, other->id);
1179 }
1180
1181 if (u->fragment_path)
1182 fprintf(f, "%s\tFragment Path: %s\n", prefix, u->fragment_path);
1183
1184 if (u->source_path)
1185 fprintf(f, "%s\tSource Path: %s\n", prefix, u->source_path);
1186
1187 STRV_FOREACH(j, u->dropin_paths)
1188 fprintf(f, "%s\tDropIn Path: %s\n", prefix, *j);
1189
1190 if (u->failure_action != EMERGENCY_ACTION_NONE)
1191 fprintf(f, "%s\tFailure Action: %s\n", prefix, emergency_action_to_string(u->failure_action));
1192 if (u->success_action != EMERGENCY_ACTION_NONE)
1193 fprintf(f, "%s\tSuccess Action: %s\n", prefix, emergency_action_to_string(u->success_action));
1194
1195 if (u->job_timeout != USEC_INFINITY)
1196 fprintf(f, "%s\tJob Timeout: %s\n", prefix, format_timespan(timespan, sizeof(timespan), u->job_timeout, 0));
1197
1198 if (u->job_timeout_action != EMERGENCY_ACTION_NONE)
1199 fprintf(f, "%s\tJob Timeout Action: %s\n", prefix, emergency_action_to_string(u->job_timeout_action));
1200
1201 if (u->job_timeout_reboot_arg)
1202 fprintf(f, "%s\tJob Timeout Reboot Argument: %s\n", prefix, u->job_timeout_reboot_arg);
1203
1204 condition_dump_list(u->conditions, f, prefix, condition_type_to_string);
1205 condition_dump_list(u->asserts, f, prefix, assert_type_to_string);
1206
1207 if (dual_timestamp_is_set(&u->condition_timestamp))
1208 fprintf(f,
1209 "%s\tCondition Timestamp: %s\n"
1210 "%s\tCondition Result: %s\n",
1211 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->condition_timestamp.realtime)),
1212 prefix, yes_no(u->condition_result));
1213
1214 if (dual_timestamp_is_set(&u->assert_timestamp))
1215 fprintf(f,
1216 "%s\tAssert Timestamp: %s\n"
1217 "%s\tAssert Result: %s\n",
1218 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->assert_timestamp.realtime)),
1219 prefix, yes_no(u->assert_result));
1220
1221 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
1222 UnitDependencyInfo di;
1223 Unit *other;
1224
1225 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
1226 bool space = false;
1227
1228 fprintf(f, "%s\t%s: %s (", prefix, unit_dependency_to_string(d), other->id);
1229
1230 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1231 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1232
1233 fputs(")\n", f);
1234 }
1235 }
1236
1237 if (!hashmap_isempty(u->requires_mounts_for)) {
1238 UnitDependencyInfo di;
1239 const char *path;
1240
1241 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1242 bool space = false;
1243
1244 fprintf(f, "%s\tRequiresMountsFor: %s (", prefix, path);
1245
1246 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1247 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1248
1249 fputs(")\n", f);
1250 }
1251 }
1252
1253 if (u->load_state == UNIT_LOADED) {
1254
1255 fprintf(f,
1256 "%s\tStopWhenUnneeded: %s\n"
1257 "%s\tRefuseManualStart: %s\n"
1258 "%s\tRefuseManualStop: %s\n"
1259 "%s\tDefaultDependencies: %s\n"
1260 "%s\tOnFailureJobMode: %s\n"
1261 "%s\tIgnoreOnIsolate: %s\n",
1262 prefix, yes_no(u->stop_when_unneeded),
1263 prefix, yes_no(u->refuse_manual_start),
1264 prefix, yes_no(u->refuse_manual_stop),
1265 prefix, yes_no(u->default_dependencies),
1266 prefix, job_mode_to_string(u->on_failure_job_mode),
1267 prefix, yes_no(u->ignore_on_isolate));
1268
1269 if (UNIT_VTABLE(u)->dump)
1270 UNIT_VTABLE(u)->dump(u, f, prefix2);
1271
1272 } else if (u->load_state == UNIT_MERGED)
1273 fprintf(f,
1274 "%s\tMerged into: %s\n",
1275 prefix, u->merged_into->id);
1276 else if (u->load_state == UNIT_ERROR)
1277 fprintf(f, "%s\tLoad Error Code: %s\n", prefix, strerror(-u->load_error));
1278
1279 for (n = sd_bus_track_first(u->bus_track); n; n = sd_bus_track_next(u->bus_track))
1280 fprintf(f, "%s\tBus Ref: %s\n", prefix, n);
1281
1282 if (u->job)
1283 job_dump(u->job, f, prefix2);
1284
1285 if (u->nop_job)
1286 job_dump(u->nop_job, f, prefix2);
1287 }
1288
1289 /* Common implementation for multiple backends */
1290 int unit_load_fragment_and_dropin(Unit *u) {
1291 int r;
1292
1293 assert(u);
1294
1295 /* Load a .{service,socket,...} file */
1296 r = unit_load_fragment(u);
1297 if (r < 0)
1298 return r;
1299
1300 if (u->load_state == UNIT_STUB)
1301 return -ENOENT;
1302
1303 /* Load drop-in directory data. If u is an alias, we might be reloading the
1304 * target unit needlessly. But we cannot be sure which drops-ins have already
1305 * been loaded and which not, at least without doing complicated book-keeping,
1306 * so let's always reread all drop-ins. */
1307 return unit_load_dropin(unit_follow_merge(u));
1308 }
1309
1310 /* Common implementation for multiple backends */
1311 int unit_load_fragment_and_dropin_optional(Unit *u) {
1312 int r;
1313
1314 assert(u);
1315
1316 /* Same as unit_load_fragment_and_dropin(), but whether
1317 * something can be loaded or not doesn't matter. */
1318
1319 /* Load a .service/.socket/.slice/… file */
1320 r = unit_load_fragment(u);
1321 if (r < 0)
1322 return r;
1323
1324 if (u->load_state == UNIT_STUB)
1325 u->load_state = UNIT_LOADED;
1326
1327 /* Load drop-in directory data */
1328 return unit_load_dropin(unit_follow_merge(u));
1329 }
1330
1331 void unit_add_to_target_deps_queue(Unit *u) {
1332 Manager *m = u->manager;
1333
1334 assert(u);
1335
1336 if (u->in_target_deps_queue)
1337 return;
1338
1339 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1340 u->in_target_deps_queue = true;
1341 }
1342
1343 int unit_add_default_target_dependency(Unit *u, Unit *target) {
1344 assert(u);
1345 assert(target);
1346
1347 if (target->type != UNIT_TARGET)
1348 return 0;
1349
1350 /* Only add the dependency if both units are loaded, so that
1351 * that loop check below is reliable */
1352 if (u->load_state != UNIT_LOADED ||
1353 target->load_state != UNIT_LOADED)
1354 return 0;
1355
1356 /* If either side wants no automatic dependencies, then let's
1357 * skip this */
1358 if (!u->default_dependencies ||
1359 !target->default_dependencies)
1360 return 0;
1361
1362 /* Don't create loops */
1363 if (hashmap_get(target->dependencies[UNIT_BEFORE], u))
1364 return 0;
1365
1366 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
1367 }
1368
1369 static int unit_add_slice_dependencies(Unit *u) {
1370 UnitDependencyMask mask;
1371 assert(u);
1372
1373 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1374 return 0;
1375
1376 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1377 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1378 relationship). */
1379 mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
1380
1381 if (UNIT_ISSET(u->slice))
1382 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, UNIT_DEREF(u->slice), true, mask);
1383
1384 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
1385 return 0;
1386
1387 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, NULL, true, mask);
1388 }
1389
1390 static int unit_add_mount_dependencies(Unit *u) {
1391 UnitDependencyInfo di;
1392 const char *path;
1393 Iterator i;
1394 int r;
1395
1396 assert(u);
1397
1398 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1399 char prefix[strlen(path) + 1];
1400
1401 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1402 _cleanup_free_ char *p = NULL;
1403 Unit *m;
1404
1405 r = unit_name_from_path(prefix, ".mount", &p);
1406 if (r < 0)
1407 return r;
1408
1409 m = manager_get_unit(u->manager, p);
1410 if (!m) {
1411 /* Make sure to load the mount unit if
1412 * it exists. If so the dependencies
1413 * on this unit will be added later
1414 * during the loading of the mount
1415 * unit. */
1416 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
1417 continue;
1418 }
1419 if (m == u)
1420 continue;
1421
1422 if (m->load_state != UNIT_LOADED)
1423 continue;
1424
1425 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
1426 if (r < 0)
1427 return r;
1428
1429 if (m->fragment_path) {
1430 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
1431 if (r < 0)
1432 return r;
1433 }
1434 }
1435 }
1436
1437 return 0;
1438 }
1439
1440 static int unit_add_startup_units(Unit *u) {
1441 CGroupContext *c;
1442 int r;
1443
1444 c = unit_get_cgroup_context(u);
1445 if (!c)
1446 return 0;
1447
1448 if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
1449 c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
1450 c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
1451 return 0;
1452
1453 r = set_ensure_allocated(&u->manager->startup_units, NULL);
1454 if (r < 0)
1455 return r;
1456
1457 return set_put(u->manager->startup_units, u);
1458 }
1459
1460 int unit_load(Unit *u) {
1461 int r;
1462
1463 assert(u);
1464
1465 if (u->in_load_queue) {
1466 LIST_REMOVE(load_queue, u->manager->load_queue, u);
1467 u->in_load_queue = false;
1468 }
1469
1470 if (u->type == _UNIT_TYPE_INVALID)
1471 return -EINVAL;
1472
1473 if (u->load_state != UNIT_STUB)
1474 return 0;
1475
1476 if (u->transient_file) {
1477 r = fflush_and_check(u->transient_file);
1478 if (r < 0)
1479 goto fail;
1480
1481 u->transient_file = safe_fclose(u->transient_file);
1482 u->fragment_mtime = now(CLOCK_REALTIME);
1483 }
1484
1485 if (UNIT_VTABLE(u)->load) {
1486 r = UNIT_VTABLE(u)->load(u);
1487 if (r < 0)
1488 goto fail;
1489 }
1490
1491 if (u->load_state == UNIT_STUB) {
1492 r = -ENOENT;
1493 goto fail;
1494 }
1495
1496 if (u->load_state == UNIT_LOADED) {
1497 unit_add_to_target_deps_queue(u);
1498
1499 r = unit_add_slice_dependencies(u);
1500 if (r < 0)
1501 goto fail;
1502
1503 r = unit_add_mount_dependencies(u);
1504 if (r < 0)
1505 goto fail;
1506
1507 r = unit_add_startup_units(u);
1508 if (r < 0)
1509 goto fail;
1510
1511 if (u->on_failure_job_mode == JOB_ISOLATE && hashmap_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
1512 log_unit_error(u, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1513 r = -EINVAL;
1514 goto fail;
1515 }
1516
1517 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1518 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1519
1520 unit_update_cgroup_members_masks(u);
1521 }
1522
1523 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
1524
1525 unit_add_to_dbus_queue(unit_follow_merge(u));
1526 unit_add_to_gc_queue(u);
1527
1528 return 0;
1529
1530 fail:
1531 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND : UNIT_ERROR;
1532 u->load_error = r;
1533 unit_add_to_dbus_queue(u);
1534 unit_add_to_gc_queue(u);
1535
1536 log_unit_debug_errno(u, r, "Failed to load configuration: %m");
1537
1538 return r;
1539 }
1540
1541 static bool unit_condition_test_list(Unit *u, Condition *first, const char *(*to_string)(ConditionType t)) {
1542 Condition *c;
1543 int triggered = -1;
1544
1545 assert(u);
1546 assert(to_string);
1547
1548 /* If the condition list is empty, then it is true */
1549 if (!first)
1550 return true;
1551
1552 /* Otherwise, if all of the non-trigger conditions apply and
1553 * if any of the trigger conditions apply (unless there are
1554 * none) we return true */
1555 LIST_FOREACH(conditions, c, first) {
1556 int r;
1557
1558 r = condition_test(c);
1559 if (r < 0)
1560 log_unit_warning(u,
1561 "Couldn't determine result for %s=%s%s%s, assuming failed: %m",
1562 to_string(c->type),
1563 c->trigger ? "|" : "",
1564 c->negate ? "!" : "",
1565 c->parameter);
1566 else
1567 log_unit_debug(u,
1568 "%s=%s%s%s %s.",
1569 to_string(c->type),
1570 c->trigger ? "|" : "",
1571 c->negate ? "!" : "",
1572 c->parameter,
1573 condition_result_to_string(c->result));
1574
1575 if (!c->trigger && r <= 0)
1576 return false;
1577
1578 if (c->trigger && triggered <= 0)
1579 triggered = r > 0;
1580 }
1581
1582 return triggered != 0;
1583 }
1584
1585 static bool unit_condition_test(Unit *u) {
1586 assert(u);
1587
1588 dual_timestamp_get(&u->condition_timestamp);
1589 u->condition_result = unit_condition_test_list(u, u->conditions, condition_type_to_string);
1590
1591 return u->condition_result;
1592 }
1593
1594 static bool unit_assert_test(Unit *u) {
1595 assert(u);
1596
1597 dual_timestamp_get(&u->assert_timestamp);
1598 u->assert_result = unit_condition_test_list(u, u->asserts, assert_type_to_string);
1599
1600 return u->assert_result;
1601 }
1602
1603 void unit_status_printf(Unit *u, const char *status, const char *unit_status_msg_format) {
1604 DISABLE_WARNING_FORMAT_NONLITERAL;
1605 manager_status_printf(u->manager, STATUS_TYPE_NORMAL, status, unit_status_msg_format, unit_description(u));
1606 REENABLE_WARNING;
1607 }
1608
1609 _pure_ static const char* unit_get_status_message_format(Unit *u, JobType t) {
1610 const char *format;
1611 const UnitStatusMessageFormats *format_table;
1612
1613 assert(u);
1614 assert(IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD));
1615
1616 if (t != JOB_RELOAD) {
1617 format_table = &UNIT_VTABLE(u)->status_message_formats;
1618 if (format_table) {
1619 format = format_table->starting_stopping[t == JOB_STOP];
1620 if (format)
1621 return format;
1622 }
1623 }
1624
1625 /* Return generic strings */
1626 if (t == JOB_START)
1627 return "Starting %s.";
1628 else if (t == JOB_STOP)
1629 return "Stopping %s.";
1630 else
1631 return "Reloading %s.";
1632 }
1633
1634 static void unit_status_print_starting_stopping(Unit *u, JobType t) {
1635 const char *format;
1636
1637 assert(u);
1638
1639 /* Reload status messages have traditionally not been printed to console. */
1640 if (!IN_SET(t, JOB_START, JOB_STOP))
1641 return;
1642
1643 format = unit_get_status_message_format(u, t);
1644
1645 DISABLE_WARNING_FORMAT_NONLITERAL;
1646 unit_status_printf(u, "", format);
1647 REENABLE_WARNING;
1648 }
1649
1650 static void unit_status_log_starting_stopping_reloading(Unit *u, JobType t) {
1651 const char *format, *mid;
1652 char buf[LINE_MAX];
1653
1654 assert(u);
1655
1656 if (!IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD))
1657 return;
1658
1659 if (log_on_console())
1660 return;
1661
1662 /* We log status messages for all units and all operations. */
1663
1664 format = unit_get_status_message_format(u, t);
1665
1666 DISABLE_WARNING_FORMAT_NONLITERAL;
1667 (void) snprintf(buf, sizeof buf, format, unit_description(u));
1668 REENABLE_WARNING;
1669
1670 mid = t == JOB_START ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STARTING_STR :
1671 t == JOB_STOP ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STOPPING_STR :
1672 "MESSAGE_ID=" SD_MESSAGE_UNIT_RELOADING_STR;
1673
1674 /* Note that we deliberately use LOG_MESSAGE() instead of
1675 * LOG_UNIT_MESSAGE() here, since this is supposed to mimic
1676 * closely what is written to screen using the status output,
1677 * which is supposed the highest level, friendliest output
1678 * possible, which means we should avoid the low-level unit
1679 * name. */
1680 log_struct(LOG_INFO,
1681 LOG_MESSAGE("%s", buf),
1682 LOG_UNIT_ID(u),
1683 LOG_UNIT_INVOCATION_ID(u),
1684 mid);
1685 }
1686
1687 void unit_status_emit_starting_stopping_reloading(Unit *u, JobType t) {
1688 assert(u);
1689 assert(t >= 0);
1690 assert(t < _JOB_TYPE_MAX);
1691
1692 unit_status_log_starting_stopping_reloading(u, t);
1693 unit_status_print_starting_stopping(u, t);
1694 }
1695
1696 int unit_start_limit_test(Unit *u) {
1697 assert(u);
1698
1699 if (ratelimit_below(&u->start_limit)) {
1700 u->start_limit_hit = false;
1701 return 0;
1702 }
1703
1704 log_unit_warning(u, "Start request repeated too quickly.");
1705 u->start_limit_hit = true;
1706
1707 return emergency_action(u->manager, u->start_limit_action, u->reboot_arg, "unit failed");
1708 }
1709
1710 bool unit_shall_confirm_spawn(Unit *u) {
1711 assert(u);
1712
1713 if (manager_is_confirm_spawn_disabled(u->manager))
1714 return false;
1715
1716 /* For some reasons units remaining in the same process group
1717 * as PID 1 fail to acquire the console even if it's not used
1718 * by any process. So skip the confirmation question for them. */
1719 return !unit_get_exec_context(u)->same_pgrp;
1720 }
1721
1722 static bool unit_verify_deps(Unit *u) {
1723 Unit *other;
1724 Iterator j;
1725 void *v;
1726
1727 assert(u);
1728
1729 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1730 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1731 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1732 * conjunction with After= as for them any such check would make things entirely racy. */
1733
1734 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], j) {
1735
1736 if (!hashmap_contains(u->dependencies[UNIT_AFTER], other))
1737 continue;
1738
1739 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1740 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1741 return false;
1742 }
1743 }
1744
1745 return true;
1746 }
1747
1748 /* Errors:
1749 * -EBADR: This unit type does not support starting.
1750 * -EALREADY: Unit is already started.
1751 * -EAGAIN: An operation is already in progress. Retry later.
1752 * -ECANCELED: Too many requests for now.
1753 * -EPROTO: Assert failed
1754 * -EINVAL: Unit not loaded
1755 * -EOPNOTSUPP: Unit type not supported
1756 * -ENOLINK: The necessary dependencies are not fulfilled.
1757 * -ESTALE: This unit has been started before and can't be started a second time
1758 */
1759 int unit_start(Unit *u) {
1760 UnitActiveState state;
1761 Unit *following;
1762
1763 assert(u);
1764
1765 /* If this is already started, then this will succeed. Note
1766 * that this will even succeed if this unit is not startable
1767 * by the user. This is relied on to detect when we need to
1768 * wait for units and when waiting is finished. */
1769 state = unit_active_state(u);
1770 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1771 return -EALREADY;
1772
1773 /* Units that aren't loaded cannot be started */
1774 if (u->load_state != UNIT_LOADED)
1775 return -EINVAL;
1776
1777 /* Refuse starting scope units more than once */
1778 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1779 return -ESTALE;
1780
1781 /* If the conditions failed, don't do anything at all. If we
1782 * already are activating this call might still be useful to
1783 * speed up activation in case there is some hold-off time,
1784 * but we don't want to recheck the condition in that case. */
1785 if (state != UNIT_ACTIVATING &&
1786 !unit_condition_test(u)) {
1787 log_unit_debug(u, "Starting requested but condition failed. Not starting unit.");
1788 return -EALREADY;
1789 }
1790
1791 /* If the asserts failed, fail the entire job */
1792 if (state != UNIT_ACTIVATING &&
1793 !unit_assert_test(u)) {
1794 log_unit_notice(u, "Starting requested but asserts failed.");
1795 return -EPROTO;
1796 }
1797
1798 /* Units of types that aren't supported cannot be
1799 * started. Note that we do this test only after the condition
1800 * checks, so that we rather return condition check errors
1801 * (which are usually not considered a true failure) than "not
1802 * supported" errors (which are considered a failure).
1803 */
1804 if (!unit_supported(u))
1805 return -EOPNOTSUPP;
1806
1807 /* Let's make sure that the deps really are in order before we start this. Normally the job engine should have
1808 * taken care of this already, but let's check this here again. After all, our dependencies might not be in
1809 * effect anymore, due to a reload or due to a failed condition. */
1810 if (!unit_verify_deps(u))
1811 return -ENOLINK;
1812
1813 /* Forward to the main object, if we aren't it. */
1814 following = unit_following(u);
1815 if (following) {
1816 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
1817 return unit_start(following);
1818 }
1819
1820 /* If it is stopped, but we cannot start it, then fail */
1821 if (!UNIT_VTABLE(u)->start)
1822 return -EBADR;
1823
1824 /* We don't suppress calls to ->start() here when we are
1825 * already starting, to allow this request to be used as a
1826 * "hurry up" call, for example when the unit is in some "auto
1827 * restart" state where it waits for a holdoff timer to elapse
1828 * before it will start again. */
1829
1830 unit_add_to_dbus_queue(u);
1831
1832 return UNIT_VTABLE(u)->start(u);
1833 }
1834
1835 bool unit_can_start(Unit *u) {
1836 assert(u);
1837
1838 if (u->load_state != UNIT_LOADED)
1839 return false;
1840
1841 if (!unit_supported(u))
1842 return false;
1843
1844 /* Scope units may be started only once */
1845 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1846 return false;
1847
1848 return !!UNIT_VTABLE(u)->start;
1849 }
1850
1851 bool unit_can_isolate(Unit *u) {
1852 assert(u);
1853
1854 return unit_can_start(u) &&
1855 u->allow_isolate;
1856 }
1857
1858 /* Errors:
1859 * -EBADR: This unit type does not support stopping.
1860 * -EALREADY: Unit is already stopped.
1861 * -EAGAIN: An operation is already in progress. Retry later.
1862 */
1863 int unit_stop(Unit *u) {
1864 UnitActiveState state;
1865 Unit *following;
1866
1867 assert(u);
1868
1869 state = unit_active_state(u);
1870 if (UNIT_IS_INACTIVE_OR_FAILED(state))
1871 return -EALREADY;
1872
1873 following = unit_following(u);
1874 if (following) {
1875 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
1876 return unit_stop(following);
1877 }
1878
1879 if (!UNIT_VTABLE(u)->stop)
1880 return -EBADR;
1881
1882 unit_add_to_dbus_queue(u);
1883
1884 return UNIT_VTABLE(u)->stop(u);
1885 }
1886
1887 bool unit_can_stop(Unit *u) {
1888 assert(u);
1889
1890 if (!unit_supported(u))
1891 return false;
1892
1893 if (u->perpetual)
1894 return false;
1895
1896 return !!UNIT_VTABLE(u)->stop;
1897 }
1898
1899 /* Errors:
1900 * -EBADR: This unit type does not support reloading.
1901 * -ENOEXEC: Unit is not started.
1902 * -EAGAIN: An operation is already in progress. Retry later.
1903 */
1904 int unit_reload(Unit *u) {
1905 UnitActiveState state;
1906 Unit *following;
1907
1908 assert(u);
1909
1910 if (u->load_state != UNIT_LOADED)
1911 return -EINVAL;
1912
1913 if (!unit_can_reload(u))
1914 return -EBADR;
1915
1916 state = unit_active_state(u);
1917 if (state == UNIT_RELOADING)
1918 return -EALREADY;
1919
1920 if (state != UNIT_ACTIVE) {
1921 log_unit_warning(u, "Unit cannot be reloaded because it is inactive.");
1922 return -ENOEXEC;
1923 }
1924
1925 following = unit_following(u);
1926 if (following) {
1927 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
1928 return unit_reload(following);
1929 }
1930
1931 unit_add_to_dbus_queue(u);
1932
1933 if (!UNIT_VTABLE(u)->reload) {
1934 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
1935 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
1936 return 0;
1937 }
1938
1939 return UNIT_VTABLE(u)->reload(u);
1940 }
1941
1942 bool unit_can_reload(Unit *u) {
1943 assert(u);
1944
1945 if (UNIT_VTABLE(u)->can_reload)
1946 return UNIT_VTABLE(u)->can_reload(u);
1947
1948 if (!hashmap_isempty(u->dependencies[UNIT_PROPAGATES_RELOAD_TO]))
1949 return true;
1950
1951 return UNIT_VTABLE(u)->reload;
1952 }
1953
1954 static void unit_check_unneeded(Unit *u) {
1955
1956 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1957
1958 static const UnitDependency needed_dependencies[] = {
1959 UNIT_REQUIRED_BY,
1960 UNIT_REQUISITE_OF,
1961 UNIT_WANTED_BY,
1962 UNIT_BOUND_BY,
1963 };
1964
1965 unsigned j;
1966 int r;
1967
1968 assert(u);
1969
1970 /* If this service shall be shut down when unneeded then do
1971 * so. */
1972
1973 if (!u->stop_when_unneeded)
1974 return;
1975
1976 if (!UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
1977 return;
1978
1979 for (j = 0; j < ELEMENTSOF(needed_dependencies); j++) {
1980 Unit *other;
1981 Iterator i;
1982 void *v;
1983
1984 HASHMAP_FOREACH_KEY(v, other, u->dependencies[needed_dependencies[j]], i)
1985 if (unit_active_or_pending(other) || unit_will_restart(other))
1986 return;
1987 }
1988
1989 /* If stopping a unit fails continuously we might enter a stop
1990 * loop here, hence stop acting on the service being
1991 * unnecessary after a while. */
1992 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
1993 log_unit_warning(u, "Unit not needed anymore, but not stopping since we tried this too often recently.");
1994 return;
1995 }
1996
1997 log_unit_info(u, "Unit not needed anymore. Stopping.");
1998
1999 /* Ok, nobody needs us anymore. Sniff. Then let's commit suicide */
2000 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2001 if (r < 0)
2002 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2003 }
2004
2005 static void unit_check_binds_to(Unit *u) {
2006 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2007 bool stop = false;
2008 Unit *other;
2009 Iterator i;
2010 void *v;
2011 int r;
2012
2013 assert(u);
2014
2015 if (u->job)
2016 return;
2017
2018 if (unit_active_state(u) != UNIT_ACTIVE)
2019 return;
2020
2021 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i) {
2022 if (other->job)
2023 continue;
2024
2025 if (!other->coldplugged)
2026 /* We might yet create a job for the other unit… */
2027 continue;
2028
2029 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2030 continue;
2031
2032 stop = true;
2033 break;
2034 }
2035
2036 if (!stop)
2037 return;
2038
2039 /* If stopping a unit fails continuously we might enter a stop
2040 * loop here, hence stop acting on the service being
2041 * unnecessary after a while. */
2042 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
2043 log_unit_warning(u, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other->id);
2044 return;
2045 }
2046
2047 assert(other);
2048 log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
2049
2050 /* A unit we need to run is gone. Sniff. Let's stop this. */
2051 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2052 if (r < 0)
2053 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2054 }
2055
2056 static void retroactively_start_dependencies(Unit *u) {
2057 Iterator i;
2058 Unit *other;
2059 void *v;
2060
2061 assert(u);
2062 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2063
2064 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2065 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2066 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2067 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2068
2069 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2070 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2071 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2072 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2073
2074 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2075 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2076 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2077 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL);
2078
2079 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTS], i)
2080 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2081 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2082
2083 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTED_BY], i)
2084 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2085 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2086 }
2087
2088 static void retroactively_stop_dependencies(Unit *u) {
2089 Unit *other;
2090 Iterator i;
2091 void *v;
2092
2093 assert(u);
2094 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2095
2096 /* Pull down units which are bound to us recursively if enabled */
2097 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BOUND_BY], i)
2098 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2099 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2100 }
2101
2102 static void check_unneeded_dependencies(Unit *u) {
2103 Unit *other;
2104 Iterator i;
2105 void *v;
2106
2107 assert(u);
2108 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2109
2110 /* Garbage collect services that might not be needed anymore, if enabled */
2111 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2112 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2113 unit_check_unneeded(other);
2114 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2115 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2116 unit_check_unneeded(other);
2117 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUISITE], i)
2118 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2119 unit_check_unneeded(other);
2120 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2121 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2122 unit_check_unneeded(other);
2123 }
2124
2125 void unit_start_on_failure(Unit *u) {
2126 Unit *other;
2127 Iterator i;
2128 void *v;
2129 int r;
2130
2131 assert(u);
2132
2133 if (hashmap_size(u->dependencies[UNIT_ON_FAILURE]) <= 0)
2134 return;
2135
2136 log_unit_info(u, "Triggering OnFailure= dependencies.");
2137
2138 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_ON_FAILURE], i) {
2139 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2140
2141 r = manager_add_job(u->manager, JOB_START, other, u->on_failure_job_mode, &error, NULL);
2142 if (r < 0)
2143 log_unit_warning_errno(u, r, "Failed to enqueue OnFailure= job, ignoring: %s", bus_error_message(&error, r));
2144 }
2145 }
2146
2147 void unit_trigger_notify(Unit *u) {
2148 Unit *other;
2149 Iterator i;
2150 void *v;
2151
2152 assert(u);
2153
2154 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_TRIGGERED_BY], i)
2155 if (UNIT_VTABLE(other)->trigger_notify)
2156 UNIT_VTABLE(other)->trigger_notify(other, u);
2157 }
2158
2159 static int unit_log_resources(Unit *u) {
2160
2161 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + 4];
2162 size_t n_message_parts = 0, n_iovec = 0;
2163 char* message_parts[3 + 1], *t;
2164 nsec_t nsec = NSEC_INFINITY;
2165 CGroupIPAccountingMetric m;
2166 size_t i;
2167 int r;
2168 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2169 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2170 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2171 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2172 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2173 };
2174
2175 assert(u);
2176
2177 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2178 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2179 * information and the complete data in structured fields. */
2180
2181 (void) unit_get_cpu_usage(u, &nsec);
2182 if (nsec != NSEC_INFINITY) {
2183 char buf[FORMAT_TIMESPAN_MAX] = "";
2184
2185 /* Format the CPU time for inclusion in the structured log message */
2186 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2187 r = log_oom();
2188 goto finish;
2189 }
2190 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2191
2192 /* Format the CPU time for inclusion in the human language message string */
2193 format_timespan(buf, sizeof(buf), nsec / NSEC_PER_USEC, USEC_PER_MSEC);
2194 t = strjoin(n_message_parts > 0 ? "consumed " : "Consumed ", buf, " CPU time");
2195 if (!t) {
2196 r = log_oom();
2197 goto finish;
2198 }
2199
2200 message_parts[n_message_parts++] = t;
2201 }
2202
2203 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
2204 char buf[FORMAT_BYTES_MAX] = "";
2205 uint64_t value = UINT64_MAX;
2206
2207 assert(ip_fields[m]);
2208
2209 (void) unit_get_ip_accounting(u, m, &value);
2210 if (value == UINT64_MAX)
2211 continue;
2212
2213 /* Format IP accounting data for inclusion in the structured log message */
2214 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2215 r = log_oom();
2216 goto finish;
2217 }
2218 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2219
2220 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2221 * bytes counters (and not for the packets counters) */
2222 if (m == CGROUP_IP_INGRESS_BYTES)
2223 t = strjoin(n_message_parts > 0 ? "received " : "Received ",
2224 format_bytes(buf, sizeof(buf), value),
2225 " IP traffic");
2226 else if (m == CGROUP_IP_EGRESS_BYTES)
2227 t = strjoin(n_message_parts > 0 ? "sent " : "Sent ",
2228 format_bytes(buf, sizeof(buf), value),
2229 " IP traffic");
2230 else
2231 continue;
2232 if (!t) {
2233 r = log_oom();
2234 goto finish;
2235 }
2236
2237 message_parts[n_message_parts++] = t;
2238 }
2239
2240 /* Is there any accounting data available at all? */
2241 if (n_iovec == 0) {
2242 r = 0;
2243 goto finish;
2244 }
2245
2246 if (n_message_parts == 0)
2247 t = strjoina("MESSAGE=", u->id, ": Completed");
2248 else {
2249 _cleanup_free_ char *joined;
2250
2251 message_parts[n_message_parts] = NULL;
2252
2253 joined = strv_join(message_parts, ", ");
2254 if (!joined) {
2255 r = log_oom();
2256 goto finish;
2257 }
2258
2259 t = strjoina("MESSAGE=", u->id, ": ", joined);
2260 }
2261
2262 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2263 * and hence don't increase n_iovec for them */
2264 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2265 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2266
2267 t = strjoina(u->manager->unit_log_field, u->id);
2268 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2269
2270 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2271 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2272
2273 log_struct_iovec(LOG_INFO, iovec, n_iovec + 4);
2274 r = 0;
2275
2276 finish:
2277 for (i = 0; i < n_message_parts; i++)
2278 free(message_parts[i]);
2279
2280 for (i = 0; i < n_iovec; i++)
2281 free(iovec[i].iov_base);
2282
2283 return r;
2284
2285 }
2286
2287 static void unit_update_on_console(Unit *u) {
2288 bool b;
2289
2290 assert(u);
2291
2292 b = unit_needs_console(u);
2293 if (u->on_console == b)
2294 return;
2295
2296 u->on_console = b;
2297 if (b)
2298 manager_ref_console(u->manager);
2299 else
2300 manager_unref_console(u->manager);
2301
2302 }
2303
2304 void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
2305 bool unexpected;
2306 Manager *m;
2307
2308 assert(u);
2309 assert(os < _UNIT_ACTIVE_STATE_MAX);
2310 assert(ns < _UNIT_ACTIVE_STATE_MAX);
2311
2312 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2313 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2314 * remounted this function will be called too! */
2315
2316 m = u->manager;
2317
2318 /* Update timestamps for state changes */
2319 if (!MANAGER_IS_RELOADING(m)) {
2320 dual_timestamp_get(&u->state_change_timestamp);
2321
2322 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
2323 u->inactive_exit_timestamp = u->state_change_timestamp;
2324 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
2325 u->inactive_enter_timestamp = u->state_change_timestamp;
2326
2327 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
2328 u->active_enter_timestamp = u->state_change_timestamp;
2329 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
2330 u->active_exit_timestamp = u->state_change_timestamp;
2331 }
2332
2333 /* Keep track of failed units */
2334 (void) manager_update_failed_units(u->manager, u, ns == UNIT_FAILED);
2335
2336 /* Make sure the cgroup and state files are always removed when we become inactive */
2337 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2338 unit_prune_cgroup(u);
2339 unit_unlink_state_files(u);
2340 }
2341
2342 unit_update_on_console(u);
2343
2344 if (u->job) {
2345 unexpected = false;
2346
2347 if (u->job->state == JOB_WAITING)
2348
2349 /* So we reached a different state for this
2350 * job. Let's see if we can run it now if it
2351 * failed previously due to EAGAIN. */
2352 job_add_to_run_queue(u->job);
2353
2354 /* Let's check whether this state change constitutes a
2355 * finished job, or maybe contradicts a running job and
2356 * hence needs to invalidate jobs. */
2357
2358 switch (u->job->type) {
2359
2360 case JOB_START:
2361 case JOB_VERIFY_ACTIVE:
2362
2363 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2364 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2365 else if (u->job->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2366 unexpected = true;
2367
2368 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2369 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2370 }
2371
2372 break;
2373
2374 case JOB_RELOAD:
2375 case JOB_RELOAD_OR_START:
2376 case JOB_TRY_RELOAD:
2377
2378 if (u->job->state == JOB_RUNNING) {
2379 if (ns == UNIT_ACTIVE)
2380 job_finish_and_invalidate(u->job, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2381 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2382 unexpected = true;
2383
2384 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2385 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2386 }
2387 }
2388
2389 break;
2390
2391 case JOB_STOP:
2392 case JOB_RESTART:
2393 case JOB_TRY_RESTART:
2394
2395 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2396 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2397 else if (u->job->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2398 unexpected = true;
2399 job_finish_and_invalidate(u->job, JOB_FAILED, true, false);
2400 }
2401
2402 break;
2403
2404 default:
2405 assert_not_reached("Job type unknown");
2406 }
2407
2408 } else
2409 unexpected = true;
2410
2411 if (!MANAGER_IS_RELOADING(m)) {
2412
2413 /* If this state change happened without being
2414 * requested by a job, then let's retroactively start
2415 * or stop dependencies. We skip that step when
2416 * deserializing, since we don't want to create any
2417 * additional jobs just because something is already
2418 * activated. */
2419
2420 if (unexpected) {
2421 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2422 retroactively_start_dependencies(u);
2423 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2424 retroactively_stop_dependencies(u);
2425 }
2426
2427 /* stop unneeded units regardless if going down was expected or not */
2428 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2429 check_unneeded_dependencies(u);
2430
2431 if (ns != os && ns == UNIT_FAILED) {
2432 log_unit_debug(u, "Unit entered failed state.");
2433
2434 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2435 unit_start_on_failure(u);
2436 }
2437 }
2438
2439 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2440
2441 if (u->type == UNIT_SERVICE &&
2442 !UNIT_IS_ACTIVE_OR_RELOADING(os) &&
2443 !MANAGER_IS_RELOADING(m)) {
2444 /* Write audit record if we have just finished starting up */
2445 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, true);
2446 u->in_audit = true;
2447 }
2448
2449 if (!UNIT_IS_ACTIVE_OR_RELOADING(os))
2450 manager_send_unit_plymouth(m, u);
2451
2452 } else {
2453
2454 if (UNIT_IS_INACTIVE_OR_FAILED(ns) &&
2455 !UNIT_IS_INACTIVE_OR_FAILED(os)
2456 && !MANAGER_IS_RELOADING(m)) {
2457
2458 /* This unit just stopped/failed. */
2459 if (u->type == UNIT_SERVICE) {
2460
2461 /* Hmm, if there was no start record written
2462 * write it now, so that we always have a nice
2463 * pair */
2464 if (!u->in_audit) {
2465 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, ns == UNIT_INACTIVE);
2466
2467 if (ns == UNIT_INACTIVE)
2468 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, true);
2469 } else
2470 /* Write audit record if we have just finished shutting down */
2471 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, ns == UNIT_INACTIVE);
2472
2473 u->in_audit = false;
2474 }
2475
2476 /* Write a log message about consumed resources */
2477 unit_log_resources(u);
2478 }
2479 }
2480
2481 manager_recheck_journal(m);
2482 manager_recheck_dbus(m);
2483
2484 unit_trigger_notify(u);
2485
2486 if (!MANAGER_IS_RELOADING(u->manager)) {
2487 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2488 unit_check_unneeded(u);
2489
2490 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2491 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2492 * without ever entering started.) */
2493 unit_check_binds_to(u);
2494
2495 if (os != UNIT_FAILED && ns == UNIT_FAILED)
2496 (void) emergency_action(u->manager, u->failure_action, u->reboot_arg, "unit failed");
2497 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE)
2498 (void) emergency_action(u->manager, u->success_action, u->reboot_arg, "unit succeeded");
2499 }
2500
2501 unit_add_to_dbus_queue(u);
2502 unit_add_to_gc_queue(u);
2503 }
2504
2505 int unit_watch_pid(Unit *u, pid_t pid) {
2506 int r;
2507
2508 assert(u);
2509 assert(pid_is_valid(pid));
2510
2511 /* Watch a specific PID */
2512
2513 r = set_ensure_allocated(&u->pids, NULL);
2514 if (r < 0)
2515 return r;
2516
2517 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
2518 if (r < 0)
2519 return r;
2520
2521 /* First try, let's add the unit keyed by "pid". */
2522 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2523 if (r == -EEXIST) {
2524 Unit **array;
2525 bool found = false;
2526 size_t n = 0;
2527
2528 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2529 * to an array of Units rather than just a Unit), lists us already. */
2530
2531 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2532 if (array)
2533 for (; array[n]; n++)
2534 if (array[n] == u)
2535 found = true;
2536
2537 if (found) /* Found it already? if so, do nothing */
2538 r = 0;
2539 else {
2540 Unit **new_array;
2541
2542 /* Allocate a new array */
2543 new_array = new(Unit*, n + 2);
2544 if (!new_array)
2545 return -ENOMEM;
2546
2547 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2548 new_array[n] = u;
2549 new_array[n+1] = NULL;
2550
2551 /* Add or replace the old array */
2552 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2553 if (r < 0) {
2554 free(new_array);
2555 return r;
2556 }
2557
2558 free(array);
2559 }
2560 } else if (r < 0)
2561 return r;
2562
2563 r = set_put(u->pids, PID_TO_PTR(pid));
2564 if (r < 0)
2565 return r;
2566
2567 return 0;
2568 }
2569
2570 void unit_unwatch_pid(Unit *u, pid_t pid) {
2571 Unit **array;
2572
2573 assert(u);
2574 assert(pid_is_valid(pid));
2575
2576 /* First let's drop the unit in case it's keyed as "pid". */
2577 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2578
2579 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2580 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2581 if (array) {
2582 size_t n, m = 0;
2583
2584 /* Let's iterate through the array, dropping our own entry */
2585 for (n = 0; array[n]; n++)
2586 if (array[n] != u)
2587 array[m++] = array[n];
2588 array[m] = NULL;
2589
2590 if (m == 0) {
2591 /* The array is now empty, remove the entire entry */
2592 assert(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
2593 free(array);
2594 }
2595 }
2596
2597 (void) set_remove(u->pids, PID_TO_PTR(pid));
2598 }
2599
2600 void unit_unwatch_all_pids(Unit *u) {
2601 assert(u);
2602
2603 while (!set_isempty(u->pids))
2604 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
2605
2606 u->pids = set_free(u->pids);
2607 }
2608
2609 static void unit_tidy_watch_pids(Unit *u) {
2610 pid_t except1, except2;
2611 Iterator i;
2612 void *e;
2613
2614 assert(u);
2615
2616 /* Cleans dead PIDs from our list */
2617
2618 except1 = unit_main_pid(u);
2619 except2 = unit_control_pid(u);
2620
2621 SET_FOREACH(e, u->pids, i) {
2622 pid_t pid = PTR_TO_PID(e);
2623
2624 if (pid == except1 || pid == except2)
2625 continue;
2626
2627 if (!pid_is_unwaited(pid))
2628 unit_unwatch_pid(u, pid);
2629 }
2630 }
2631
2632 static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
2633 Unit *u = userdata;
2634
2635 assert(s);
2636 assert(u);
2637
2638 unit_tidy_watch_pids(u);
2639 unit_watch_all_pids(u);
2640
2641 /* If the PID set is empty now, then let's finish this off. */
2642 unit_synthesize_cgroup_empty_event(u);
2643
2644 return 0;
2645 }
2646
2647 int unit_enqueue_rewatch_pids(Unit *u) {
2648 int r;
2649
2650 assert(u);
2651
2652 if (!u->cgroup_path)
2653 return -ENOENT;
2654
2655 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2656 if (r < 0)
2657 return r;
2658 if (r > 0) /* On unified we can use proper notifications */
2659 return 0;
2660
2661 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2662 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2663 * involves issuing kill(pid, 0) on all processes we watch. */
2664
2665 if (!u->rewatch_pids_event_source) {
2666 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2667
2668 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2669 if (r < 0)
2670 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2671
2672 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2673 if (r < 0)
2674 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: m");
2675
2676 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2677
2678 u->rewatch_pids_event_source = TAKE_PTR(s);
2679 }
2680
2681 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2682 if (r < 0)
2683 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2684
2685 return 0;
2686 }
2687
2688 void unit_dequeue_rewatch_pids(Unit *u) {
2689 int r;
2690 assert(u);
2691
2692 if (!u->rewatch_pids_event_source)
2693 return;
2694
2695 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2696 if (r < 0)
2697 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2698
2699 u->rewatch_pids_event_source = sd_event_source_unref(u->rewatch_pids_event_source);
2700 }
2701
2702 bool unit_job_is_applicable(Unit *u, JobType j) {
2703 assert(u);
2704 assert(j >= 0 && j < _JOB_TYPE_MAX);
2705
2706 switch (j) {
2707
2708 case JOB_VERIFY_ACTIVE:
2709 case JOB_START:
2710 case JOB_NOP:
2711 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2712 * startable by us but may appear due to external events, and it thus makes sense to permit enqueing
2713 * jobs for it. */
2714 return true;
2715
2716 case JOB_STOP:
2717 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2718 * external events), hence it makes no sense to permit enqueing such a request either. */
2719 return !u->perpetual;
2720
2721 case JOB_RESTART:
2722 case JOB_TRY_RESTART:
2723 return unit_can_stop(u) && unit_can_start(u);
2724
2725 case JOB_RELOAD:
2726 case JOB_TRY_RELOAD:
2727 return unit_can_reload(u);
2728
2729 case JOB_RELOAD_OR_START:
2730 return unit_can_reload(u) && unit_can_start(u);
2731
2732 default:
2733 assert_not_reached("Invalid job type");
2734 }
2735 }
2736
2737 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency) {
2738 assert(u);
2739
2740 /* Only warn about some unit types */
2741 if (!IN_SET(dependency, UNIT_CONFLICTS, UNIT_CONFLICTED_BY, UNIT_BEFORE, UNIT_AFTER, UNIT_ON_FAILURE, UNIT_TRIGGERS, UNIT_TRIGGERED_BY))
2742 return;
2743
2744 if (streq_ptr(u->id, other))
2745 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
2746 else
2747 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other), u->id);
2748 }
2749
2750 static int unit_add_dependency_hashmap(
2751 Hashmap **h,
2752 Unit *other,
2753 UnitDependencyMask origin_mask,
2754 UnitDependencyMask destination_mask) {
2755
2756 UnitDependencyInfo info;
2757 int r;
2758
2759 assert(h);
2760 assert(other);
2761 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
2762 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
2763 assert(origin_mask > 0 || destination_mask > 0);
2764
2765 r = hashmap_ensure_allocated(h, NULL);
2766 if (r < 0)
2767 return r;
2768
2769 assert_cc(sizeof(void*) == sizeof(info));
2770
2771 info.data = hashmap_get(*h, other);
2772 if (info.data) {
2773 /* Entry already exists. Add in our mask. */
2774
2775 if (FLAGS_SET(origin_mask, info.origin_mask) &&
2776 FLAGS_SET(destination_mask, info.destination_mask))
2777 return 0; /* NOP */
2778
2779 info.origin_mask |= origin_mask;
2780 info.destination_mask |= destination_mask;
2781
2782 r = hashmap_update(*h, other, info.data);
2783 } else {
2784 info = (UnitDependencyInfo) {
2785 .origin_mask = origin_mask,
2786 .destination_mask = destination_mask,
2787 };
2788
2789 r = hashmap_put(*h, other, info.data);
2790 }
2791 if (r < 0)
2792 return r;
2793
2794 return 1;
2795 }
2796
2797 int unit_add_dependency(
2798 Unit *u,
2799 UnitDependency d,
2800 Unit *other,
2801 bool add_reference,
2802 UnitDependencyMask mask) {
2803
2804 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
2805 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
2806 [UNIT_WANTS] = UNIT_WANTED_BY,
2807 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
2808 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
2809 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
2810 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
2811 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
2812 [UNIT_WANTED_BY] = UNIT_WANTS,
2813 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
2814 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
2815 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
2816 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
2817 [UNIT_BEFORE] = UNIT_AFTER,
2818 [UNIT_AFTER] = UNIT_BEFORE,
2819 [UNIT_ON_FAILURE] = _UNIT_DEPENDENCY_INVALID,
2820 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
2821 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
2822 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
2823 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
2824 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
2825 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
2826 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF,
2827 };
2828 Unit *original_u = u, *original_other = other;
2829 int r;
2830
2831 assert(u);
2832 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
2833 assert(other);
2834
2835 u = unit_follow_merge(u);
2836 other = unit_follow_merge(other);
2837
2838 /* We won't allow dependencies on ourselves. We will not
2839 * consider them an error however. */
2840 if (u == other) {
2841 maybe_warn_about_dependency(original_u, original_other->id, d);
2842 return 0;
2843 }
2844
2845 if ((d == UNIT_BEFORE && other->type == UNIT_DEVICE) ||
2846 (d == UNIT_AFTER && u->type == UNIT_DEVICE)) {
2847 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
2848 return 0;
2849 }
2850
2851 r = unit_add_dependency_hashmap(u->dependencies + d, other, mask, 0);
2852 if (r < 0)
2853 return r;
2854
2855 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
2856 r = unit_add_dependency_hashmap(other->dependencies + inverse_table[d], u, 0, mask);
2857 if (r < 0)
2858 return r;
2859 }
2860
2861 if (add_reference) {
2862 r = unit_add_dependency_hashmap(u->dependencies + UNIT_REFERENCES, other, mask, 0);
2863 if (r < 0)
2864 return r;
2865
2866 r = unit_add_dependency_hashmap(other->dependencies + UNIT_REFERENCED_BY, u, 0, mask);
2867 if (r < 0)
2868 return r;
2869 }
2870
2871 unit_add_to_dbus_queue(u);
2872 return 0;
2873 }
2874
2875 int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
2876 int r;
2877
2878 assert(u);
2879
2880 r = unit_add_dependency(u, d, other, add_reference, mask);
2881 if (r < 0)
2882 return r;
2883
2884 return unit_add_dependency(u, e, other, add_reference, mask);
2885 }
2886
2887 static int resolve_template(Unit *u, const char *name, const char*path, char **buf, const char **ret) {
2888 int r;
2889
2890 assert(u);
2891 assert(name || path);
2892 assert(buf);
2893 assert(ret);
2894
2895 if (!name)
2896 name = basename(path);
2897
2898 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
2899 *buf = NULL;
2900 *ret = name;
2901 return 0;
2902 }
2903
2904 if (u->instance)
2905 r = unit_name_replace_instance(name, u->instance, buf);
2906 else {
2907 _cleanup_free_ char *i = NULL;
2908
2909 r = unit_name_to_prefix(u->id, &i);
2910 if (r < 0)
2911 return r;
2912
2913 r = unit_name_replace_instance(name, i, buf);
2914 }
2915 if (r < 0)
2916 return r;
2917
2918 *ret = *buf;
2919 return 0;
2920 }
2921
2922 int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2923 _cleanup_free_ char *buf = NULL;
2924 Unit *other;
2925 int r;
2926
2927 assert(u);
2928 assert(name || path);
2929
2930 r = resolve_template(u, name, path, &buf, &name);
2931 if (r < 0)
2932 return r;
2933
2934 r = manager_load_unit(u->manager, name, path, NULL, &other);
2935 if (r < 0)
2936 return r;
2937
2938 return unit_add_dependency(u, d, other, add_reference, mask);
2939 }
2940
2941 int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2942 _cleanup_free_ char *buf = NULL;
2943 Unit *other;
2944 int r;
2945
2946 assert(u);
2947 assert(name || path);
2948
2949 r = resolve_template(u, name, path, &buf, &name);
2950 if (r < 0)
2951 return r;
2952
2953 r = manager_load_unit(u->manager, name, path, NULL, &other);
2954 if (r < 0)
2955 return r;
2956
2957 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2958 }
2959
2960 int set_unit_path(const char *p) {
2961 /* This is mostly for debug purposes */
2962 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
2963 return -errno;
2964
2965 return 0;
2966 }
2967
2968 char *unit_dbus_path(Unit *u) {
2969 assert(u);
2970
2971 if (!u->id)
2972 return NULL;
2973
2974 return unit_dbus_path_from_name(u->id);
2975 }
2976
2977 char *unit_dbus_path_invocation_id(Unit *u) {
2978 assert(u);
2979
2980 if (sd_id128_is_null(u->invocation_id))
2981 return NULL;
2982
2983 return unit_dbus_path_from_name(u->invocation_id_string);
2984 }
2985
2986 int unit_set_slice(Unit *u, Unit *slice) {
2987 assert(u);
2988 assert(slice);
2989
2990 /* Sets the unit slice if it has not been set before. Is extra
2991 * careful, to only allow this for units that actually have a
2992 * cgroup context. Also, we don't allow to set this for slices
2993 * (since the parent slice is derived from the name). Make
2994 * sure the unit we set is actually a slice. */
2995
2996 if (!UNIT_HAS_CGROUP_CONTEXT(u))
2997 return -EOPNOTSUPP;
2998
2999 if (u->type == UNIT_SLICE)
3000 return -EINVAL;
3001
3002 if (unit_active_state(u) != UNIT_INACTIVE)
3003 return -EBUSY;
3004
3005 if (slice->type != UNIT_SLICE)
3006 return -EINVAL;
3007
3008 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3009 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3010 return -EPERM;
3011
3012 if (UNIT_DEREF(u->slice) == slice)
3013 return 0;
3014
3015 /* Disallow slice changes if @u is already bound to cgroups */
3016 if (UNIT_ISSET(u->slice) && u->cgroup_realized)
3017 return -EBUSY;
3018
3019 unit_ref_set(&u->slice, u, slice);
3020 return 1;
3021 }
3022
3023 int unit_set_default_slice(Unit *u) {
3024 _cleanup_free_ char *b = NULL;
3025 const char *slice_name;
3026 Unit *slice;
3027 int r;
3028
3029 assert(u);
3030
3031 if (UNIT_ISSET(u->slice))
3032 return 0;
3033
3034 if (u->instance) {
3035 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
3036
3037 /* Implicitly place all instantiated units in their
3038 * own per-template slice */
3039
3040 r = unit_name_to_prefix(u->id, &prefix);
3041 if (r < 0)
3042 return r;
3043
3044 /* The prefix is already escaped, but it might include
3045 * "-" which has a special meaning for slice units,
3046 * hence escape it here extra. */
3047 escaped = unit_name_escape(prefix);
3048 if (!escaped)
3049 return -ENOMEM;
3050
3051 if (MANAGER_IS_SYSTEM(u->manager))
3052 b = strjoin("system-", escaped, ".slice");
3053 else
3054 b = strappend(escaped, ".slice");
3055 if (!b)
3056 return -ENOMEM;
3057
3058 slice_name = b;
3059 } else
3060 slice_name =
3061 MANAGER_IS_SYSTEM(u->manager) && !unit_has_name(u, SPECIAL_INIT_SCOPE)
3062 ? SPECIAL_SYSTEM_SLICE
3063 : SPECIAL_ROOT_SLICE;
3064
3065 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
3066 if (r < 0)
3067 return r;
3068
3069 return unit_set_slice(u, slice);
3070 }
3071
3072 const char *unit_slice_name(Unit *u) {
3073 assert(u);
3074
3075 if (!UNIT_ISSET(u->slice))
3076 return NULL;
3077
3078 return UNIT_DEREF(u->slice)->id;
3079 }
3080
3081 int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
3082 _cleanup_free_ char *t = NULL;
3083 int r;
3084
3085 assert(u);
3086 assert(type);
3087 assert(_found);
3088
3089 r = unit_name_change_suffix(u->id, type, &t);
3090 if (r < 0)
3091 return r;
3092 if (unit_has_name(u, t))
3093 return -EINVAL;
3094
3095 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
3096 assert(r < 0 || *_found != u);
3097 return r;
3098 }
3099
3100 static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3101 const char *name, *old_owner, *new_owner;
3102 Unit *u = userdata;
3103 int r;
3104
3105 assert(message);
3106 assert(u);
3107
3108 r = sd_bus_message_read(message, "sss", &name, &old_owner, &new_owner);
3109 if (r < 0) {
3110 bus_log_parse_error(r);
3111 return 0;
3112 }
3113
3114 old_owner = empty_to_null(old_owner);
3115 new_owner = empty_to_null(new_owner);
3116
3117 if (UNIT_VTABLE(u)->bus_name_owner_change)
3118 UNIT_VTABLE(u)->bus_name_owner_change(u, name, old_owner, new_owner);
3119
3120 return 0;
3121 }
3122
3123 int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3124 const char *match;
3125
3126 assert(u);
3127 assert(bus);
3128 assert(name);
3129
3130 if (u->match_bus_slot)
3131 return -EBUSY;
3132
3133 match = strjoina("type='signal',"
3134 "sender='org.freedesktop.DBus',"
3135 "path='/org/freedesktop/DBus',"
3136 "interface='org.freedesktop.DBus',"
3137 "member='NameOwnerChanged',"
3138 "arg0='", name, "'");
3139
3140 return sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
3141 }
3142
3143 int unit_watch_bus_name(Unit *u, const char *name) {
3144 int r;
3145
3146 assert(u);
3147 assert(name);
3148
3149 /* Watch a specific name on the bus. We only support one unit
3150 * watching each name for now. */
3151
3152 if (u->manager->api_bus) {
3153 /* If the bus is already available, install the match directly.
3154 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3155 r = unit_install_bus_match(u, u->manager->api_bus, name);
3156 if (r < 0)
3157 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
3158 }
3159
3160 r = hashmap_put(u->manager->watch_bus, name, u);
3161 if (r < 0) {
3162 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3163 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3164 }
3165
3166 return 0;
3167 }
3168
3169 void unit_unwatch_bus_name(Unit *u, const char *name) {
3170 assert(u);
3171 assert(name);
3172
3173 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
3174 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3175 }
3176
3177 bool unit_can_serialize(Unit *u) {
3178 assert(u);
3179
3180 return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
3181 }
3182
3183 static int unit_serialize_cgroup_mask(FILE *f, const char *key, CGroupMask mask) {
3184 _cleanup_free_ char *s = NULL;
3185 int r = 0;
3186
3187 assert(f);
3188 assert(key);
3189
3190 if (mask != 0) {
3191 r = cg_mask_to_string(mask, &s);
3192 if (r >= 0) {
3193 fputs(key, f);
3194 fputc('=', f);
3195 fputs(s, f);
3196 fputc('\n', f);
3197 }
3198 }
3199 return r;
3200 }
3201
3202 static const char *ip_accounting_metric_field[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
3203 [CGROUP_IP_INGRESS_BYTES] = "ip-accounting-ingress-bytes",
3204 [CGROUP_IP_INGRESS_PACKETS] = "ip-accounting-ingress-packets",
3205 [CGROUP_IP_EGRESS_BYTES] = "ip-accounting-egress-bytes",
3206 [CGROUP_IP_EGRESS_PACKETS] = "ip-accounting-egress-packets",
3207 };
3208
3209 int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
3210 CGroupIPAccountingMetric m;
3211 int r;
3212
3213 assert(u);
3214 assert(f);
3215 assert(fds);
3216
3217 if (unit_can_serialize(u)) {
3218 r = UNIT_VTABLE(u)->serialize(u, f, fds);
3219 if (r < 0)
3220 return r;
3221 }
3222
3223 dual_timestamp_serialize(f, "state-change-timestamp", &u->state_change_timestamp);
3224
3225 dual_timestamp_serialize(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
3226 dual_timestamp_serialize(f, "active-enter-timestamp", &u->active_enter_timestamp);
3227 dual_timestamp_serialize(f, "active-exit-timestamp", &u->active_exit_timestamp);
3228 dual_timestamp_serialize(f, "inactive-enter-timestamp", &u->inactive_enter_timestamp);
3229
3230 dual_timestamp_serialize(f, "condition-timestamp", &u->condition_timestamp);
3231 dual_timestamp_serialize(f, "assert-timestamp", &u->assert_timestamp);
3232
3233 if (dual_timestamp_is_set(&u->condition_timestamp))
3234 unit_serialize_item(u, f, "condition-result", yes_no(u->condition_result));
3235
3236 if (dual_timestamp_is_set(&u->assert_timestamp))
3237 unit_serialize_item(u, f, "assert-result", yes_no(u->assert_result));
3238
3239 unit_serialize_item(u, f, "transient", yes_no(u->transient));
3240
3241 unit_serialize_item(u, f, "exported-invocation-id", yes_no(u->exported_invocation_id));
3242 unit_serialize_item(u, f, "exported-log-level-max", yes_no(u->exported_log_level_max));
3243 unit_serialize_item(u, f, "exported-log-extra-fields", yes_no(u->exported_log_extra_fields));
3244
3245 unit_serialize_item_format(u, f, "cpu-usage-base", "%" PRIu64, u->cpu_usage_base);
3246 if (u->cpu_usage_last != NSEC_INFINITY)
3247 unit_serialize_item_format(u, f, "cpu-usage-last", "%" PRIu64, u->cpu_usage_last);
3248
3249 if (u->cgroup_path)
3250 unit_serialize_item(u, f, "cgroup", u->cgroup_path);
3251 unit_serialize_item(u, f, "cgroup-realized", yes_no(u->cgroup_realized));
3252 (void) unit_serialize_cgroup_mask(f, "cgroup-realized-mask", u->cgroup_realized_mask);
3253 (void) unit_serialize_cgroup_mask(f, "cgroup-enabled-mask", u->cgroup_enabled_mask);
3254 unit_serialize_item_format(u, f, "cgroup-bpf-realized", "%i", u->cgroup_bpf_state);
3255
3256 if (uid_is_valid(u->ref_uid))
3257 unit_serialize_item_format(u, f, "ref-uid", UID_FMT, u->ref_uid);
3258 if (gid_is_valid(u->ref_gid))
3259 unit_serialize_item_format(u, f, "ref-gid", GID_FMT, u->ref_gid);
3260
3261 if (!sd_id128_is_null(u->invocation_id))
3262 unit_serialize_item_format(u, f, "invocation-id", SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(u->invocation_id));
3263
3264 bus_track_serialize(u->bus_track, f, "ref");
3265
3266 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
3267 uint64_t v;
3268
3269 r = unit_get_ip_accounting(u, m, &v);
3270 if (r >= 0)
3271 unit_serialize_item_format(u, f, ip_accounting_metric_field[m], "%" PRIu64, v);
3272 }
3273
3274 if (serialize_jobs) {
3275 if (u->job) {
3276 fprintf(f, "job\n");
3277 job_serialize(u->job, f);
3278 }
3279
3280 if (u->nop_job) {
3281 fprintf(f, "job\n");
3282 job_serialize(u->nop_job, f);
3283 }
3284 }
3285
3286 /* End marker */
3287 fputc('\n', f);
3288 return 0;
3289 }
3290
3291 int unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value) {
3292 assert(u);
3293 assert(f);
3294 assert(key);
3295
3296 if (!value)
3297 return 0;
3298
3299 fputs(key, f);
3300 fputc('=', f);
3301 fputs(value, f);
3302 fputc('\n', f);
3303
3304 return 1;
3305 }
3306
3307 int unit_serialize_item_escaped(Unit *u, FILE *f, const char *key, const char *value) {
3308 _cleanup_free_ char *c = NULL;
3309
3310 assert(u);
3311 assert(f);
3312 assert(key);
3313
3314 if (!value)
3315 return 0;
3316
3317 c = cescape(value);
3318 if (!c)
3319 return -ENOMEM;
3320
3321 fputs(key, f);
3322 fputc('=', f);
3323 fputs(c, f);
3324 fputc('\n', f);
3325
3326 return 1;
3327 }
3328
3329 int unit_serialize_item_fd(Unit *u, FILE *f, FDSet *fds, const char *key, int fd) {
3330 int copy;
3331
3332 assert(u);
3333 assert(f);
3334 assert(key);
3335
3336 if (fd < 0)
3337 return 0;
3338
3339 copy = fdset_put_dup(fds, fd);
3340 if (copy < 0)
3341 return copy;
3342
3343 fprintf(f, "%s=%i\n", key, copy);
3344 return 1;
3345 }
3346
3347 void unit_serialize_item_format(Unit *u, FILE *f, const char *key, const char *format, ...) {
3348 va_list ap;
3349
3350 assert(u);
3351 assert(f);
3352 assert(key);
3353 assert(format);
3354
3355 fputs(key, f);
3356 fputc('=', f);
3357
3358 va_start(ap, format);
3359 vfprintf(f, format, ap);
3360 va_end(ap);
3361
3362 fputc('\n', f);
3363 }
3364
3365 int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
3366 int r;
3367
3368 assert(u);
3369 assert(f);
3370 assert(fds);
3371
3372 for (;;) {
3373 char line[LINE_MAX], *l, *v;
3374 CGroupIPAccountingMetric m;
3375 size_t k;
3376
3377 if (!fgets(line, sizeof(line), f)) {
3378 if (feof(f))
3379 return 0;
3380 return -errno;
3381 }
3382
3383 char_array_0(line);
3384 l = strstrip(line);
3385
3386 /* End marker */
3387 if (isempty(l))
3388 break;
3389
3390 k = strcspn(l, "=");
3391
3392 if (l[k] == '=') {
3393 l[k] = 0;
3394 v = l+k+1;
3395 } else
3396 v = l+k;
3397
3398 if (streq(l, "job")) {
3399 if (v[0] == '\0') {
3400 /* new-style serialized job */
3401 Job *j;
3402
3403 j = job_new_raw(u);
3404 if (!j)
3405 return log_oom();
3406
3407 r = job_deserialize(j, f);
3408 if (r < 0) {
3409 job_free(j);
3410 return r;
3411 }
3412
3413 r = hashmap_put(u->manager->jobs, UINT32_TO_PTR(j->id), j);
3414 if (r < 0) {
3415 job_free(j);
3416 return r;
3417 }
3418
3419 r = job_install_deserialized(j);
3420 if (r < 0) {
3421 hashmap_remove(u->manager->jobs, UINT32_TO_PTR(j->id));
3422 job_free(j);
3423 return r;
3424 }
3425 } else /* legacy for pre-44 */
3426 log_unit_warning(u, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v);
3427 continue;
3428 } else if (streq(l, "state-change-timestamp")) {
3429 dual_timestamp_deserialize(v, &u->state_change_timestamp);
3430 continue;
3431 } else if (streq(l, "inactive-exit-timestamp")) {
3432 dual_timestamp_deserialize(v, &u->inactive_exit_timestamp);
3433 continue;
3434 } else if (streq(l, "active-enter-timestamp")) {
3435 dual_timestamp_deserialize(v, &u->active_enter_timestamp);
3436 continue;
3437 } else if (streq(l, "active-exit-timestamp")) {
3438 dual_timestamp_deserialize(v, &u->active_exit_timestamp);
3439 continue;
3440 } else if (streq(l, "inactive-enter-timestamp")) {
3441 dual_timestamp_deserialize(v, &u->inactive_enter_timestamp);
3442 continue;
3443 } else if (streq(l, "condition-timestamp")) {
3444 dual_timestamp_deserialize(v, &u->condition_timestamp);
3445 continue;
3446 } else if (streq(l, "assert-timestamp")) {
3447 dual_timestamp_deserialize(v, &u->assert_timestamp);
3448 continue;
3449 } else if (streq(l, "condition-result")) {
3450
3451 r = parse_boolean(v);
3452 if (r < 0)
3453 log_unit_debug(u, "Failed to parse condition result value %s, ignoring.", v);
3454 else
3455 u->condition_result = r;
3456
3457 continue;
3458
3459 } else if (streq(l, "assert-result")) {
3460
3461 r = parse_boolean(v);
3462 if (r < 0)
3463 log_unit_debug(u, "Failed to parse assert result value %s, ignoring.", v);
3464 else
3465 u->assert_result = r;
3466
3467 continue;
3468
3469 } else if (streq(l, "transient")) {
3470
3471 r = parse_boolean(v);
3472 if (r < 0)
3473 log_unit_debug(u, "Failed to parse transient bool %s, ignoring.", v);
3474 else
3475 u->transient = r;
3476
3477 continue;
3478
3479 } else if (streq(l, "exported-invocation-id")) {
3480
3481 r = parse_boolean(v);
3482 if (r < 0)
3483 log_unit_debug(u, "Failed to parse exported invocation ID bool %s, ignoring.", v);
3484 else
3485 u->exported_invocation_id = r;
3486
3487 continue;
3488
3489 } else if (streq(l, "exported-log-level-max")) {
3490
3491 r = parse_boolean(v);
3492 if (r < 0)
3493 log_unit_debug(u, "Failed to parse exported log level max bool %s, ignoring.", v);
3494 else
3495 u->exported_log_level_max = r;
3496
3497 continue;
3498
3499 } else if (streq(l, "exported-log-extra-fields")) {
3500
3501 r = parse_boolean(v);
3502 if (r < 0)
3503 log_unit_debug(u, "Failed to parse exported log extra fields bool %s, ignoring.", v);
3504 else
3505 u->exported_log_extra_fields = r;
3506
3507 continue;
3508
3509 } else if (STR_IN_SET(l, "cpu-usage-base", "cpuacct-usage-base")) {
3510
3511 r = safe_atou64(v, &u->cpu_usage_base);
3512 if (r < 0)
3513 log_unit_debug(u, "Failed to parse CPU usage base %s, ignoring.", v);
3514
3515 continue;
3516
3517 } else if (streq(l, "cpu-usage-last")) {
3518
3519 r = safe_atou64(v, &u->cpu_usage_last);
3520 if (r < 0)
3521 log_unit_debug(u, "Failed to read CPU usage last %s, ignoring.", v);
3522
3523 continue;
3524
3525 } else if (streq(l, "cgroup")) {
3526
3527 r = unit_set_cgroup_path(u, v);
3528 if (r < 0)
3529 log_unit_debug_errno(u, r, "Failed to set cgroup path %s, ignoring: %m", v);
3530
3531 (void) unit_watch_cgroup(u);
3532
3533 continue;
3534 } else if (streq(l, "cgroup-realized")) {
3535 int b;
3536
3537 b = parse_boolean(v);
3538 if (b < 0)
3539 log_unit_debug(u, "Failed to parse cgroup-realized bool %s, ignoring.", v);
3540 else
3541 u->cgroup_realized = b;
3542
3543 continue;
3544
3545 } else if (streq(l, "cgroup-realized-mask")) {
3546
3547 r = cg_mask_from_string(v, &u->cgroup_realized_mask);
3548 if (r < 0)
3549 log_unit_debug(u, "Failed to parse cgroup-realized-mask %s, ignoring.", v);
3550 continue;
3551
3552 } else if (streq(l, "cgroup-enabled-mask")) {
3553
3554 r = cg_mask_from_string(v, &u->cgroup_enabled_mask);
3555 if (r < 0)
3556 log_unit_debug(u, "Failed to parse cgroup-enabled-mask %s, ignoring.", v);
3557 continue;
3558
3559 } else if (streq(l, "cgroup-bpf-realized")) {
3560 int i;
3561
3562 r = safe_atoi(v, &i);
3563 if (r < 0)
3564 log_unit_debug(u, "Failed to parse cgroup BPF state %s, ignoring.", v);
3565 else
3566 u->cgroup_bpf_state =
3567 i < 0 ? UNIT_CGROUP_BPF_INVALIDATED :
3568 i > 0 ? UNIT_CGROUP_BPF_ON :
3569 UNIT_CGROUP_BPF_OFF;
3570
3571 continue;
3572
3573 } else if (streq(l, "ref-uid")) {
3574 uid_t uid;
3575
3576 r = parse_uid(v, &uid);
3577 if (r < 0)
3578 log_unit_debug(u, "Failed to parse referenced UID %s, ignoring.", v);
3579 else
3580 unit_ref_uid_gid(u, uid, GID_INVALID);
3581
3582 continue;
3583
3584 } else if (streq(l, "ref-gid")) {
3585 gid_t gid;
3586
3587 r = parse_gid(v, &gid);
3588 if (r < 0)
3589 log_unit_debug(u, "Failed to parse referenced GID %s, ignoring.", v);
3590 else
3591 unit_ref_uid_gid(u, UID_INVALID, gid);
3592
3593 } else if (streq(l, "ref")) {
3594
3595 r = strv_extend(&u->deserialized_refs, v);
3596 if (r < 0)
3597 log_oom();
3598
3599 continue;
3600 } else if (streq(l, "invocation-id")) {
3601 sd_id128_t id;
3602
3603 r = sd_id128_from_string(v, &id);
3604 if (r < 0)
3605 log_unit_debug(u, "Failed to parse invocation id %s, ignoring.", v);
3606 else {
3607 r = unit_set_invocation_id(u, id);
3608 if (r < 0)
3609 log_unit_warning_errno(u, r, "Failed to set invocation ID for unit: %m");
3610 }
3611
3612 continue;
3613 }
3614
3615 /* Check if this is an IP accounting metric serialization field */
3616 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++)
3617 if (streq(l, ip_accounting_metric_field[m]))
3618 break;
3619 if (m < _CGROUP_IP_ACCOUNTING_METRIC_MAX) {
3620 uint64_t c;
3621
3622 r = safe_atou64(v, &c);
3623 if (r < 0)
3624 log_unit_debug(u, "Failed to parse IP accounting value %s, ignoring.", v);
3625 else
3626 u->ip_accounting_extra[m] = c;
3627 continue;
3628 }
3629
3630 if (unit_can_serialize(u)) {
3631 r = exec_runtime_deserialize_compat(u, l, v, fds);
3632 if (r < 0) {
3633 log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l);
3634 continue;
3635 }
3636
3637 /* Returns positive if key was handled by the call */
3638 if (r > 0)
3639 continue;
3640
3641 r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
3642 if (r < 0)
3643 log_unit_warning(u, "Failed to deserialize unit parameter '%s', ignoring.", l);
3644 }
3645 }
3646
3647 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3648 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3649 * before 228 where the base for timeouts was not persistent across reboots. */
3650
3651 if (!dual_timestamp_is_set(&u->state_change_timestamp))
3652 dual_timestamp_get(&u->state_change_timestamp);
3653
3654 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3655 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3656 unit_invalidate_cgroup(u, _CGROUP_MASK_ALL);
3657 unit_invalidate_cgroup_bpf(u);
3658
3659 return 0;
3660 }
3661
3662 void unit_deserialize_skip(FILE *f) {
3663 assert(f);
3664
3665 /* Skip serialized data for this unit. We don't know what it is. */
3666
3667 for (;;) {
3668 char line[LINE_MAX], *l;
3669
3670 if (!fgets(line, sizeof line, f))
3671 return;
3672
3673 char_array_0(line);
3674 l = strstrip(line);
3675
3676 /* End marker */
3677 if (isempty(l))
3678 return;
3679 }
3680 }
3681
3682 int unit_add_node_dependency(Unit *u, const char *what, bool wants, UnitDependency dep, UnitDependencyMask mask) {
3683 Unit *device;
3684 _cleanup_free_ char *e = NULL;
3685 int r;
3686
3687 assert(u);
3688
3689 /* Adds in links to the device node that this unit is based on */
3690 if (isempty(what))
3691 return 0;
3692
3693 if (!is_device_path(what))
3694 return 0;
3695
3696 /* When device units aren't supported (such as in a
3697 * container), don't create dependencies on them. */
3698 if (!unit_type_supported(UNIT_DEVICE))
3699 return 0;
3700
3701 r = unit_name_from_path(what, ".device", &e);
3702 if (r < 0)
3703 return r;
3704
3705 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
3706 if (r < 0)
3707 return r;
3708
3709 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3710 dep = UNIT_BINDS_TO;
3711
3712 r = unit_add_two_dependencies(u, UNIT_AFTER,
3713 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3714 device, true, mask);
3715 if (r < 0)
3716 return r;
3717
3718 if (wants) {
3719 r = unit_add_dependency(device, UNIT_WANTS, u, false, mask);
3720 if (r < 0)
3721 return r;
3722 }
3723
3724 return 0;
3725 }
3726
3727 int unit_coldplug(Unit *u) {
3728 int r = 0, q;
3729 char **i;
3730
3731 assert(u);
3732
3733 /* Make sure we don't enter a loop, when coldplugging
3734 * recursively. */
3735 if (u->coldplugged)
3736 return 0;
3737
3738 u->coldplugged = true;
3739
3740 STRV_FOREACH(i, u->deserialized_refs) {
3741 q = bus_unit_track_add_name(u, *i);
3742 if (q < 0 && r >= 0)
3743 r = q;
3744 }
3745 u->deserialized_refs = strv_free(u->deserialized_refs);
3746
3747 if (UNIT_VTABLE(u)->coldplug) {
3748 q = UNIT_VTABLE(u)->coldplug(u);
3749 if (q < 0 && r >= 0)
3750 r = q;
3751 }
3752
3753 if (u->job) {
3754 q = job_coldplug(u->job);
3755 if (q < 0 && r >= 0)
3756 r = q;
3757 }
3758
3759 return r;
3760 }
3761
3762 static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
3763 struct stat st;
3764
3765 if (!path)
3766 return false;
3767
3768 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3769 * are never out-of-date. */
3770 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3771 return false;
3772
3773 if (stat(path, &st) < 0)
3774 /* What, cannot access this anymore? */
3775 return true;
3776
3777 if (path_masked)
3778 /* For masked files check if they are still so */
3779 return !null_or_empty(&st);
3780 else
3781 /* For non-empty files check the mtime */
3782 return timespec_load(&st.st_mtim) > mtime;
3783
3784 return false;
3785 }
3786
3787 bool unit_need_daemon_reload(Unit *u) {
3788 _cleanup_strv_free_ char **t = NULL;
3789 char **path;
3790
3791 assert(u);
3792
3793 /* For unit files, we allow masking… */
3794 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3795 u->load_state == UNIT_MASKED))
3796 return true;
3797
3798 /* Source paths should not be masked… */
3799 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
3800 return true;
3801
3802 if (u->load_state == UNIT_LOADED)
3803 (void) unit_find_dropin_paths(u, &t);
3804 if (!strv_equal(u->dropin_paths, t))
3805 return true;
3806
3807 /* … any drop-ins that are masked are simply omitted from the list. */
3808 STRV_FOREACH(path, u->dropin_paths)
3809 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
3810 return true;
3811
3812 return false;
3813 }
3814
3815 void unit_reset_failed(Unit *u) {
3816 assert(u);
3817
3818 if (UNIT_VTABLE(u)->reset_failed)
3819 UNIT_VTABLE(u)->reset_failed(u);
3820
3821 RATELIMIT_RESET(u->start_limit);
3822 u->start_limit_hit = false;
3823 }
3824
3825 Unit *unit_following(Unit *u) {
3826 assert(u);
3827
3828 if (UNIT_VTABLE(u)->following)
3829 return UNIT_VTABLE(u)->following(u);
3830
3831 return NULL;
3832 }
3833
3834 bool unit_stop_pending(Unit *u) {
3835 assert(u);
3836
3837 /* This call does check the current state of the unit. It's
3838 * hence useful to be called from state change calls of the
3839 * unit itself, where the state isn't updated yet. This is
3840 * different from unit_inactive_or_pending() which checks both
3841 * the current state and for a queued job. */
3842
3843 return u->job && u->job->type == JOB_STOP;
3844 }
3845
3846 bool unit_inactive_or_pending(Unit *u) {
3847 assert(u);
3848
3849 /* Returns true if the unit is inactive or going down */
3850
3851 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3852 return true;
3853
3854 if (unit_stop_pending(u))
3855 return true;
3856
3857 return false;
3858 }
3859
3860 bool unit_active_or_pending(Unit *u) {
3861 assert(u);
3862
3863 /* Returns true if the unit is active or going up */
3864
3865 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3866 return true;
3867
3868 if (u->job &&
3869 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
3870 return true;
3871
3872 return false;
3873 }
3874
3875 bool unit_will_restart(Unit *u) {
3876 assert(u);
3877
3878 if (!UNIT_VTABLE(u)->will_restart)
3879 return false;
3880
3881 return UNIT_VTABLE(u)->will_restart(u);
3882 }
3883
3884 int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
3885 assert(u);
3886 assert(w >= 0 && w < _KILL_WHO_MAX);
3887 assert(SIGNAL_VALID(signo));
3888
3889 if (!UNIT_VTABLE(u)->kill)
3890 return -EOPNOTSUPP;
3891
3892 return UNIT_VTABLE(u)->kill(u, w, signo, error);
3893 }
3894
3895 static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
3896 _cleanup_set_free_ Set *pid_set = NULL;
3897 int r;
3898
3899 pid_set = set_new(NULL);
3900 if (!pid_set)
3901 return NULL;
3902
3903 /* Exclude the main/control pids from being killed via the cgroup */
3904 if (main_pid > 0) {
3905 r = set_put(pid_set, PID_TO_PTR(main_pid));
3906 if (r < 0)
3907 return NULL;
3908 }
3909
3910 if (control_pid > 0) {
3911 r = set_put(pid_set, PID_TO_PTR(control_pid));
3912 if (r < 0)
3913 return NULL;
3914 }
3915
3916 return TAKE_PTR(pid_set);
3917 }
3918
3919 int unit_kill_common(
3920 Unit *u,
3921 KillWho who,
3922 int signo,
3923 pid_t main_pid,
3924 pid_t control_pid,
3925 sd_bus_error *error) {
3926
3927 int r = 0;
3928 bool killed = false;
3929
3930 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
3931 if (main_pid < 0)
3932 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
3933 else if (main_pid == 0)
3934 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
3935 }
3936
3937 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
3938 if (control_pid < 0)
3939 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
3940 else if (control_pid == 0)
3941 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
3942 }
3943
3944 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3945 if (control_pid > 0) {
3946 if (kill(control_pid, signo) < 0)
3947 r = -errno;
3948 else
3949 killed = true;
3950 }
3951
3952 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3953 if (main_pid > 0) {
3954 if (kill(main_pid, signo) < 0)
3955 r = -errno;
3956 else
3957 killed = true;
3958 }
3959
3960 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
3961 _cleanup_set_free_ Set *pid_set = NULL;
3962 int q;
3963
3964 /* Exclude the main/control pids from being killed via the cgroup */
3965 pid_set = unit_pid_set(main_pid, control_pid);
3966 if (!pid_set)
3967 return -ENOMEM;
3968
3969 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, NULL, NULL);
3970 if (q < 0 && !IN_SET(q, -EAGAIN, -ESRCH, -ENOENT))
3971 r = q;
3972 else
3973 killed = true;
3974 }
3975
3976 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL))
3977 return -ESRCH;
3978
3979 return r;
3980 }
3981
3982 int unit_following_set(Unit *u, Set **s) {
3983 assert(u);
3984 assert(s);
3985
3986 if (UNIT_VTABLE(u)->following_set)
3987 return UNIT_VTABLE(u)->following_set(u, s);
3988
3989 *s = NULL;
3990 return 0;
3991 }
3992
3993 UnitFileState unit_get_unit_file_state(Unit *u) {
3994 int r;
3995
3996 assert(u);
3997
3998 if (u->unit_file_state < 0 && u->fragment_path) {
3999 r = unit_file_get_state(
4000 u->manager->unit_file_scope,
4001 NULL,
4002 u->id,
4003 &u->unit_file_state);
4004 if (r < 0)
4005 u->unit_file_state = UNIT_FILE_BAD;
4006 }
4007
4008 return u->unit_file_state;
4009 }
4010
4011 int unit_get_unit_file_preset(Unit *u) {
4012 assert(u);
4013
4014 if (u->unit_file_preset < 0 && u->fragment_path)
4015 u->unit_file_preset = unit_file_query_preset(
4016 u->manager->unit_file_scope,
4017 NULL,
4018 basename(u->fragment_path));
4019
4020 return u->unit_file_preset;
4021 }
4022
4023 Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
4024 assert(ref);
4025 assert(source);
4026 assert(target);
4027
4028 if (ref->target)
4029 unit_ref_unset(ref);
4030
4031 ref->source = source;
4032 ref->target = target;
4033 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4034 return target;
4035 }
4036
4037 void unit_ref_unset(UnitRef *ref) {
4038 assert(ref);
4039
4040 if (!ref->target)
4041 return;
4042
4043 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4044 * be unreferenced now. */
4045 unit_add_to_gc_queue(ref->target);
4046
4047 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4048 ref->source = ref->target = NULL;
4049 }
4050
4051 static int user_from_unit_name(Unit *u, char **ret) {
4052
4053 static const uint8_t hash_key[] = {
4054 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4055 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4056 };
4057
4058 _cleanup_free_ char *n = NULL;
4059 int r;
4060
4061 r = unit_name_to_prefix(u->id, &n);
4062 if (r < 0)
4063 return r;
4064
4065 if (valid_user_group_name(n)) {
4066 *ret = TAKE_PTR(n);
4067 return 0;
4068 }
4069
4070 /* If we can't use the unit name as a user name, then let's hash it and use that */
4071 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4072 return -ENOMEM;
4073
4074 return 0;
4075 }
4076
4077 int unit_patch_contexts(Unit *u) {
4078 CGroupContext *cc;
4079 ExecContext *ec;
4080 unsigned i;
4081 int r;
4082
4083 assert(u);
4084
4085 /* Patch in the manager defaults into the exec and cgroup
4086 * contexts, _after_ the rest of the settings have been
4087 * initialized */
4088
4089 ec = unit_get_exec_context(u);
4090 if (ec) {
4091 /* This only copies in the ones that need memory */
4092 for (i = 0; i < _RLIMIT_MAX; i++)
4093 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4094 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4095 if (!ec->rlimit[i])
4096 return -ENOMEM;
4097 }
4098
4099 if (MANAGER_IS_USER(u->manager) &&
4100 !ec->working_directory) {
4101
4102 r = get_home_dir(&ec->working_directory);
4103 if (r < 0)
4104 return r;
4105
4106 /* Allow user services to run, even if the
4107 * home directory is missing */
4108 ec->working_directory_missing_ok = true;
4109 }
4110
4111 if (ec->private_devices)
4112 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
4113
4114 if (ec->protect_kernel_modules)
4115 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
4116
4117 if (ec->dynamic_user) {
4118 if (!ec->user) {
4119 r = user_from_unit_name(u, &ec->user);
4120 if (r < 0)
4121 return r;
4122 }
4123
4124 if (!ec->group) {
4125 ec->group = strdup(ec->user);
4126 if (!ec->group)
4127 return -ENOMEM;
4128 }
4129
4130 /* If the dynamic user option is on, let's make sure that the unit can't leave its UID/GID
4131 * around in the file system or on IPC objects. Hence enforce a strict sandbox. */
4132
4133 ec->private_tmp = true;
4134 ec->remove_ipc = true;
4135 ec->protect_system = PROTECT_SYSTEM_STRICT;
4136 if (ec->protect_home == PROTECT_HOME_NO)
4137 ec->protect_home = PROTECT_HOME_READ_ONLY;
4138 }
4139 }
4140
4141 cc = unit_get_cgroup_context(u);
4142 if (cc) {
4143
4144 if (ec &&
4145 ec->private_devices &&
4146 cc->device_policy == CGROUP_AUTO)
4147 cc->device_policy = CGROUP_CLOSED;
4148 }
4149
4150 return 0;
4151 }
4152
4153 ExecContext *unit_get_exec_context(Unit *u) {
4154 size_t offset;
4155 assert(u);
4156
4157 if (u->type < 0)
4158 return NULL;
4159
4160 offset = UNIT_VTABLE(u)->exec_context_offset;
4161 if (offset <= 0)
4162 return NULL;
4163
4164 return (ExecContext*) ((uint8_t*) u + offset);
4165 }
4166
4167 KillContext *unit_get_kill_context(Unit *u) {
4168 size_t offset;
4169 assert(u);
4170
4171 if (u->type < 0)
4172 return NULL;
4173
4174 offset = UNIT_VTABLE(u)->kill_context_offset;
4175 if (offset <= 0)
4176 return NULL;
4177
4178 return (KillContext*) ((uint8_t*) u + offset);
4179 }
4180
4181 CGroupContext *unit_get_cgroup_context(Unit *u) {
4182 size_t offset;
4183
4184 if (u->type < 0)
4185 return NULL;
4186
4187 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4188 if (offset <= 0)
4189 return NULL;
4190
4191 return (CGroupContext*) ((uint8_t*) u + offset);
4192 }
4193
4194 ExecRuntime *unit_get_exec_runtime(Unit *u) {
4195 size_t offset;
4196
4197 if (u->type < 0)
4198 return NULL;
4199
4200 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4201 if (offset <= 0)
4202 return NULL;
4203
4204 return *(ExecRuntime**) ((uint8_t*) u + offset);
4205 }
4206
4207 static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
4208 assert(u);
4209
4210 if (UNIT_WRITE_FLAGS_NOOP(flags))
4211 return NULL;
4212
4213 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4214 return u->manager->lookup_paths.transient;
4215
4216 if (flags & UNIT_PERSISTENT)
4217 return u->manager->lookup_paths.persistent_control;
4218
4219 if (flags & UNIT_RUNTIME)
4220 return u->manager->lookup_paths.runtime_control;
4221
4222 return NULL;
4223 }
4224
4225 char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4226 char *ret = NULL;
4227
4228 if (!s)
4229 return NULL;
4230
4231 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4232 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4233 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4234 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4235 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4236 * allocations. */
4237
4238 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4239 ret = specifier_escape(s);
4240 if (!ret)
4241 return NULL;
4242
4243 s = ret;
4244 }
4245
4246 if (flags & UNIT_ESCAPE_C) {
4247 char *a;
4248
4249 a = cescape(s);
4250 free(ret);
4251 if (!a)
4252 return NULL;
4253
4254 ret = a;
4255 }
4256
4257 if (buf) {
4258 *buf = ret;
4259 return ret ?: (char*) s;
4260 }
4261
4262 return ret ?: strdup(s);
4263 }
4264
4265 char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4266 _cleanup_free_ char *result = NULL;
4267 size_t n = 0, allocated = 0;
4268 char **i;
4269
4270 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4271 * way suitable for ExecStart= stanzas */
4272
4273 STRV_FOREACH(i, l) {
4274 _cleanup_free_ char *buf = NULL;
4275 const char *p;
4276 size_t a;
4277 char *q;
4278
4279 p = unit_escape_setting(*i, flags, &buf);
4280 if (!p)
4281 return NULL;
4282
4283 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4284 if (!GREEDY_REALLOC(result, allocated, n + a + 1))
4285 return NULL;
4286
4287 q = result + n;
4288 if (n > 0)
4289 *(q++) = ' ';
4290
4291 *(q++) = '"';
4292 q = stpcpy(q, p);
4293 *(q++) = '"';
4294
4295 n += a;
4296 }
4297
4298 if (!GREEDY_REALLOC(result, allocated, n + 1))
4299 return NULL;
4300
4301 result[n] = 0;
4302
4303 return TAKE_PTR(result);
4304 }
4305
4306 int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4307 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
4308 const char *dir, *wrapped;
4309 int r;
4310
4311 assert(u);
4312 assert(name);
4313 assert(data);
4314
4315 if (UNIT_WRITE_FLAGS_NOOP(flags))
4316 return 0;
4317
4318 data = unit_escape_setting(data, flags, &escaped);
4319 if (!data)
4320 return -ENOMEM;
4321
4322 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4323 * previous section header is the same */
4324
4325 if (flags & UNIT_PRIVATE) {
4326 if (!UNIT_VTABLE(u)->private_section)
4327 return -EINVAL;
4328
4329 if (!u->transient_file || u->last_section_private < 0)
4330 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4331 else if (u->last_section_private == 0)
4332 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4333 } else {
4334 if (!u->transient_file || u->last_section_private < 0)
4335 data = strjoina("[Unit]\n", data);
4336 else if (u->last_section_private > 0)
4337 data = strjoina("\n[Unit]\n", data);
4338 }
4339
4340 if (u->transient_file) {
4341 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4342 * write to the transient unit file. */
4343 fputs(data, u->transient_file);
4344
4345 if (!endswith(data, "\n"))
4346 fputc('\n', u->transient_file);
4347
4348 /* Remember which section we wrote this entry to */
4349 u->last_section_private = !!(flags & UNIT_PRIVATE);
4350 return 0;
4351 }
4352
4353 dir = unit_drop_in_dir(u, flags);
4354 if (!dir)
4355 return -EINVAL;
4356
4357 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4358 "# or an equivalent operation. Do not edit.\n",
4359 data,
4360 "\n");
4361
4362 r = drop_in_file(dir, u->id, 50, name, &p, &q);
4363 if (r < 0)
4364 return r;
4365
4366 (void) mkdir_p_label(p, 0755);
4367 r = write_string_file_atomic_label(q, wrapped);
4368 if (r < 0)
4369 return r;
4370
4371 r = strv_push(&u->dropin_paths, q);
4372 if (r < 0)
4373 return r;
4374 q = NULL;
4375
4376 strv_uniq(u->dropin_paths);
4377
4378 u->dropin_mtime = now(CLOCK_REALTIME);
4379
4380 return 0;
4381 }
4382
4383 int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
4384 _cleanup_free_ char *p = NULL;
4385 va_list ap;
4386 int r;
4387
4388 assert(u);
4389 assert(name);
4390 assert(format);
4391
4392 if (UNIT_WRITE_FLAGS_NOOP(flags))
4393 return 0;
4394
4395 va_start(ap, format);
4396 r = vasprintf(&p, format, ap);
4397 va_end(ap);
4398
4399 if (r < 0)
4400 return -ENOMEM;
4401
4402 return unit_write_setting(u, flags, name, p);
4403 }
4404
4405 int unit_make_transient(Unit *u) {
4406 _cleanup_free_ char *path = NULL;
4407 FILE *f;
4408
4409 assert(u);
4410
4411 if (!UNIT_VTABLE(u)->can_transient)
4412 return -EOPNOTSUPP;
4413
4414 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4415
4416 path = strjoin(u->manager->lookup_paths.transient, "/", u->id);
4417 if (!path)
4418 return -ENOMEM;
4419
4420 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4421 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4422
4423 RUN_WITH_UMASK(0022) {
4424 f = fopen(path, "we");
4425 if (!f)
4426 return -errno;
4427 }
4428
4429 safe_fclose(u->transient_file);
4430 u->transient_file = f;
4431
4432 free_and_replace(u->fragment_path, path);
4433
4434 u->source_path = mfree(u->source_path);
4435 u->dropin_paths = strv_free(u->dropin_paths);
4436 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4437
4438 u->load_state = UNIT_STUB;
4439 u->load_error = 0;
4440 u->transient = true;
4441
4442 unit_add_to_dbus_queue(u);
4443 unit_add_to_gc_queue(u);
4444
4445 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4446 u->transient_file);
4447
4448 return 0;
4449 }
4450
4451 static void log_kill(pid_t pid, int sig, void *userdata) {
4452 _cleanup_free_ char *comm = NULL;
4453
4454 (void) get_process_comm(pid, &comm);
4455
4456 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4457 only, like for example systemd's own PAM stub process. */
4458 if (comm && comm[0] == '(')
4459 return;
4460
4461 log_unit_notice(userdata,
4462 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4463 pid,
4464 strna(comm),
4465 signal_to_string(sig));
4466 }
4467
4468 static int operation_to_signal(KillContext *c, KillOperation k) {
4469 assert(c);
4470
4471 switch (k) {
4472
4473 case KILL_TERMINATE:
4474 case KILL_TERMINATE_AND_LOG:
4475 return c->kill_signal;
4476
4477 case KILL_KILL:
4478 return SIGKILL;
4479
4480 case KILL_ABORT:
4481 return SIGABRT;
4482
4483 default:
4484 assert_not_reached("KillOperation unknown");
4485 }
4486 }
4487
4488 int unit_kill_context(
4489 Unit *u,
4490 KillContext *c,
4491 KillOperation k,
4492 pid_t main_pid,
4493 pid_t control_pid,
4494 bool main_pid_alien) {
4495
4496 bool wait_for_exit = false, send_sighup;
4497 cg_kill_log_func_t log_func = NULL;
4498 int sig, r;
4499
4500 assert(u);
4501 assert(c);
4502
4503 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4504 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4505
4506 if (c->kill_mode == KILL_NONE)
4507 return 0;
4508
4509 sig = operation_to_signal(c, k);
4510
4511 send_sighup =
4512 c->send_sighup &&
4513 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4514 sig != SIGHUP;
4515
4516 if (k != KILL_TERMINATE || IN_SET(sig, SIGKILL, SIGABRT))
4517 log_func = log_kill;
4518
4519 if (main_pid > 0) {
4520 if (log_func)
4521 log_func(main_pid, sig, u);
4522
4523 r = kill_and_sigcont(main_pid, sig);
4524 if (r < 0 && r != -ESRCH) {
4525 _cleanup_free_ char *comm = NULL;
4526 (void) get_process_comm(main_pid, &comm);
4527
4528 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
4529 } else {
4530 if (!main_pid_alien)
4531 wait_for_exit = true;
4532
4533 if (r != -ESRCH && send_sighup)
4534 (void) kill(main_pid, SIGHUP);
4535 }
4536 }
4537
4538 if (control_pid > 0) {
4539 if (log_func)
4540 log_func(control_pid, sig, u);
4541
4542 r = kill_and_sigcont(control_pid, sig);
4543 if (r < 0 && r != -ESRCH) {
4544 _cleanup_free_ char *comm = NULL;
4545 (void) get_process_comm(control_pid, &comm);
4546
4547 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
4548 } else {
4549 wait_for_exit = true;
4550
4551 if (r != -ESRCH && send_sighup)
4552 (void) kill(control_pid, SIGHUP);
4553 }
4554 }
4555
4556 if (u->cgroup_path &&
4557 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
4558 _cleanup_set_free_ Set *pid_set = NULL;
4559
4560 /* Exclude the main/control pids from being killed via the cgroup */
4561 pid_set = unit_pid_set(main_pid, control_pid);
4562 if (!pid_set)
4563 return -ENOMEM;
4564
4565 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4566 sig,
4567 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4568 pid_set,
4569 log_func, u);
4570 if (r < 0) {
4571 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
4572 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
4573
4574 } else if (r > 0) {
4575
4576 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4577 * we are running in a container or if this is a delegation unit, simply because cgroup
4578 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4579 * of containers it can be confused easily by left-over directories in the cgroup — which
4580 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4581 * there we get proper events. Hence rely on them. */
4582
4583 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
4584 (detect_container() == 0 && !unit_cgroup_delegate(u)))
4585 wait_for_exit = true;
4586
4587 if (send_sighup) {
4588 set_free(pid_set);
4589
4590 pid_set = unit_pid_set(main_pid, control_pid);
4591 if (!pid_set)
4592 return -ENOMEM;
4593
4594 cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4595 SIGHUP,
4596 CGROUP_IGNORE_SELF,
4597 pid_set,
4598 NULL, NULL);
4599 }
4600 }
4601 }
4602
4603 return wait_for_exit;
4604 }
4605
4606 int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
4607 _cleanup_free_ char *p = NULL;
4608 char *prefix;
4609 UnitDependencyInfo di;
4610 int r;
4611
4612 assert(u);
4613 assert(path);
4614
4615 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4616 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4617 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4618 * determine which units to make themselves a dependency of. */
4619
4620 if (!path_is_absolute(path))
4621 return -EINVAL;
4622
4623 r = hashmap_ensure_allocated(&u->requires_mounts_for, &path_hash_ops);
4624 if (r < 0)
4625 return r;
4626
4627 p = strdup(path);
4628 if (!p)
4629 return -ENOMEM;
4630
4631 path = path_simplify(p, false);
4632
4633 if (!path_is_normalized(path))
4634 return -EPERM;
4635
4636 if (hashmap_contains(u->requires_mounts_for, path))
4637 return 0;
4638
4639 di = (UnitDependencyInfo) {
4640 .origin_mask = mask
4641 };
4642
4643 r = hashmap_put(u->requires_mounts_for, path, di.data);
4644 if (r < 0)
4645 return r;
4646 p = NULL;
4647
4648 prefix = alloca(strlen(path) + 1);
4649 PATH_FOREACH_PREFIX_MORE(prefix, path) {
4650 Set *x;
4651
4652 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4653 if (!x) {
4654 _cleanup_free_ char *q = NULL;
4655
4656 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
4657 if (r < 0)
4658 return r;
4659
4660 q = strdup(prefix);
4661 if (!q)
4662 return -ENOMEM;
4663
4664 x = set_new(NULL);
4665 if (!x)
4666 return -ENOMEM;
4667
4668 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4669 if (r < 0) {
4670 set_free(x);
4671 return r;
4672 }
4673 q = NULL;
4674 }
4675
4676 r = set_put(x, u);
4677 if (r < 0)
4678 return r;
4679 }
4680
4681 return 0;
4682 }
4683
4684 int unit_setup_exec_runtime(Unit *u) {
4685 ExecRuntime **rt;
4686 size_t offset;
4687 Unit *other;
4688 Iterator i;
4689 void *v;
4690 int r;
4691
4692 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4693 assert(offset > 0);
4694
4695 /* Check if there already is an ExecRuntime for this unit? */
4696 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4697 if (*rt)
4698 return 0;
4699
4700 /* Try to get it from somebody else */
4701 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_JOINS_NAMESPACE_OF], i) {
4702 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4703 if (r == 1)
4704 return 1;
4705 }
4706
4707 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
4708 }
4709
4710 int unit_setup_dynamic_creds(Unit *u) {
4711 ExecContext *ec;
4712 DynamicCreds *dcreds;
4713 size_t offset;
4714
4715 assert(u);
4716
4717 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4718 assert(offset > 0);
4719 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4720
4721 ec = unit_get_exec_context(u);
4722 assert(ec);
4723
4724 if (!ec->dynamic_user)
4725 return 0;
4726
4727 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4728 }
4729
4730 bool unit_type_supported(UnitType t) {
4731 if (_unlikely_(t < 0))
4732 return false;
4733 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4734 return false;
4735
4736 if (!unit_vtable[t]->supported)
4737 return true;
4738
4739 return unit_vtable[t]->supported();
4740 }
4741
4742 void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4743 int r;
4744
4745 assert(u);
4746 assert(where);
4747
4748 r = dir_is_empty(where);
4749 if (r > 0 || r == -ENOTDIR)
4750 return;
4751 if (r < 0) {
4752 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4753 return;
4754 }
4755
4756 log_struct(LOG_NOTICE,
4757 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4758 LOG_UNIT_ID(u),
4759 LOG_UNIT_INVOCATION_ID(u),
4760 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4761 "WHERE=%s", where);
4762 }
4763
4764 int unit_fail_if_noncanonical(Unit *u, const char* where) {
4765 _cleanup_free_ char *canonical_where;
4766 int r;
4767
4768 assert(u);
4769 assert(where);
4770
4771 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where);
4772 if (r < 0) {
4773 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
4774 return 0;
4775 }
4776
4777 /* We will happily ignore a trailing slash (or any redundant slashes) */
4778 if (path_equal(where, canonical_where))
4779 return 0;
4780
4781 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
4782 log_struct(LOG_ERR,
4783 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4784 LOG_UNIT_ID(u),
4785 LOG_UNIT_INVOCATION_ID(u),
4786 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
4787 "WHERE=%s", where);
4788
4789 return -ELOOP;
4790 }
4791
4792 bool unit_is_pristine(Unit *u) {
4793 assert(u);
4794
4795 /* Check if the unit already exists or is already around,
4796 * in a number of different ways. Note that to cater for unit
4797 * types such as slice, we are generally fine with units that
4798 * are marked UNIT_LOADED even though nothing was actually
4799 * loaded, as those unit types don't require a file on disk. */
4800
4801 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4802 u->fragment_path ||
4803 u->source_path ||
4804 !strv_isempty(u->dropin_paths) ||
4805 u->job ||
4806 u->merged_into);
4807 }
4808
4809 pid_t unit_control_pid(Unit *u) {
4810 assert(u);
4811
4812 if (UNIT_VTABLE(u)->control_pid)
4813 return UNIT_VTABLE(u)->control_pid(u);
4814
4815 return 0;
4816 }
4817
4818 pid_t unit_main_pid(Unit *u) {
4819 assert(u);
4820
4821 if (UNIT_VTABLE(u)->main_pid)
4822 return UNIT_VTABLE(u)->main_pid(u);
4823
4824 return 0;
4825 }
4826
4827 static void unit_unref_uid_internal(
4828 Unit *u,
4829 uid_t *ref_uid,
4830 bool destroy_now,
4831 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4832
4833 assert(u);
4834 assert(ref_uid);
4835 assert(_manager_unref_uid);
4836
4837 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4838 * gid_t are actually the same time, with the same validity rules.
4839 *
4840 * Drops a reference to UID/GID from a unit. */
4841
4842 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4843 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4844
4845 if (!uid_is_valid(*ref_uid))
4846 return;
4847
4848 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4849 *ref_uid = UID_INVALID;
4850 }
4851
4852 void unit_unref_uid(Unit *u, bool destroy_now) {
4853 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4854 }
4855
4856 void unit_unref_gid(Unit *u, bool destroy_now) {
4857 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4858 }
4859
4860 static int unit_ref_uid_internal(
4861 Unit *u,
4862 uid_t *ref_uid,
4863 uid_t uid,
4864 bool clean_ipc,
4865 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4866
4867 int r;
4868
4869 assert(u);
4870 assert(ref_uid);
4871 assert(uid_is_valid(uid));
4872 assert(_manager_ref_uid);
4873
4874 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4875 * are actually the same type, and have the same validity rules.
4876 *
4877 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4878 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4879 * drops to zero. */
4880
4881 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4882 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4883
4884 if (*ref_uid == uid)
4885 return 0;
4886
4887 if (uid_is_valid(*ref_uid)) /* Already set? */
4888 return -EBUSY;
4889
4890 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4891 if (r < 0)
4892 return r;
4893
4894 *ref_uid = uid;
4895 return 1;
4896 }
4897
4898 int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
4899 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4900 }
4901
4902 int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
4903 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4904 }
4905
4906 static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4907 int r = 0, q = 0;
4908
4909 assert(u);
4910
4911 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4912
4913 if (uid_is_valid(uid)) {
4914 r = unit_ref_uid(u, uid, clean_ipc);
4915 if (r < 0)
4916 return r;
4917 }
4918
4919 if (gid_is_valid(gid)) {
4920 q = unit_ref_gid(u, gid, clean_ipc);
4921 if (q < 0) {
4922 if (r > 0)
4923 unit_unref_uid(u, false);
4924
4925 return q;
4926 }
4927 }
4928
4929 return r > 0 || q > 0;
4930 }
4931
4932 int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4933 ExecContext *c;
4934 int r;
4935
4936 assert(u);
4937
4938 c = unit_get_exec_context(u);
4939
4940 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
4941 if (r < 0)
4942 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4943
4944 return r;
4945 }
4946
4947 void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4948 assert(u);
4949
4950 unit_unref_uid(u, destroy_now);
4951 unit_unref_gid(u, destroy_now);
4952 }
4953
4954 void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
4955 int r;
4956
4957 assert(u);
4958
4959 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4960 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4961 * objects when no service references the UID/GID anymore. */
4962
4963 r = unit_ref_uid_gid(u, uid, gid);
4964 if (r > 0)
4965 bus_unit_send_change_signal(u);
4966 }
4967
4968 int unit_set_invocation_id(Unit *u, sd_id128_t id) {
4969 int r;
4970
4971 assert(u);
4972
4973 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
4974
4975 if (sd_id128_equal(u->invocation_id, id))
4976 return 0;
4977
4978 if (!sd_id128_is_null(u->invocation_id))
4979 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
4980
4981 if (sd_id128_is_null(id)) {
4982 r = 0;
4983 goto reset;
4984 }
4985
4986 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
4987 if (r < 0)
4988 goto reset;
4989
4990 u->invocation_id = id;
4991 sd_id128_to_string(id, u->invocation_id_string);
4992
4993 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
4994 if (r < 0)
4995 goto reset;
4996
4997 return 0;
4998
4999 reset:
5000 u->invocation_id = SD_ID128_NULL;
5001 u->invocation_id_string[0] = 0;
5002 return r;
5003 }
5004
5005 int unit_acquire_invocation_id(Unit *u) {
5006 sd_id128_t id;
5007 int r;
5008
5009 assert(u);
5010
5011 r = sd_id128_randomize(&id);
5012 if (r < 0)
5013 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5014
5015 r = unit_set_invocation_id(u, id);
5016 if (r < 0)
5017 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5018
5019 return 0;
5020 }
5021
5022 void unit_set_exec_params(Unit *u, ExecParameters *p) {
5023 assert(u);
5024 assert(p);
5025
5026 /* Copy parameters from manager */
5027 p->environment = u->manager->environment;
5028 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
5029 p->cgroup_supported = u->manager->cgroup_supported;
5030 p->prefix = u->manager->prefix;
5031 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5032
5033 /* Copy paramaters from unit */
5034 p->cgroup_path = u->cgroup_path;
5035 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
5036 }
5037
5038 int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
5039 int r;
5040
5041 assert(u);
5042 assert(ret);
5043
5044 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5045 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5046
5047 (void) unit_realize_cgroup(u);
5048
5049 r = safe_fork(name, FORK_REOPEN_LOG, ret);
5050 if (r != 0)
5051 return r;
5052
5053 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
5054 (void) ignore_signals(SIGPIPE, -1);
5055
5056 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
5057
5058 if (u->cgroup_path) {
5059 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5060 if (r < 0) {
5061 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", u->cgroup_path);
5062 _exit(EXIT_CGROUP);
5063 }
5064 }
5065
5066 return 0;
5067 }
5068
5069 static void unit_update_dependency_mask(Unit *u, UnitDependency d, Unit *other, UnitDependencyInfo di) {
5070 assert(u);
5071 assert(d >= 0);
5072 assert(d < _UNIT_DEPENDENCY_MAX);
5073 assert(other);
5074
5075 if (di.origin_mask == 0 && di.destination_mask == 0) {
5076 /* No bit set anymore, let's drop the whole entry */
5077 assert_se(hashmap_remove(u->dependencies[d], other));
5078 log_unit_debug(u, "%s lost dependency %s=%s", u->id, unit_dependency_to_string(d), other->id);
5079 } else
5080 /* Mask was reduced, let's update the entry */
5081 assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0);
5082 }
5083
5084 void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
5085 UnitDependency d;
5086
5087 assert(u);
5088
5089 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5090
5091 if (mask == 0)
5092 return;
5093
5094 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
5095 bool done;
5096
5097 do {
5098 UnitDependencyInfo di;
5099 Unit *other;
5100 Iterator i;
5101
5102 done = true;
5103
5104 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
5105 UnitDependency q;
5106
5107 if ((di.origin_mask & ~mask) == di.origin_mask)
5108 continue;
5109 di.origin_mask &= ~mask;
5110 unit_update_dependency_mask(u, d, other, di);
5111
5112 /* We updated the dependency from our unit to the other unit now. But most dependencies
5113 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5114 * all dependency types on the other unit and delete all those which point to us and
5115 * have the right mask set. */
5116
5117 for (q = 0; q < _UNIT_DEPENDENCY_MAX; q++) {
5118 UnitDependencyInfo dj;
5119
5120 dj.data = hashmap_get(other->dependencies[q], u);
5121 if ((dj.destination_mask & ~mask) == dj.destination_mask)
5122 continue;
5123 dj.destination_mask &= ~mask;
5124
5125 unit_update_dependency_mask(other, q, u, dj);
5126 }
5127
5128 unit_add_to_gc_queue(other);
5129
5130 done = false;
5131 break;
5132 }
5133
5134 } while (!done);
5135 }
5136 }
5137
5138 static int unit_export_invocation_id(Unit *u) {
5139 const char *p;
5140 int r;
5141
5142 assert(u);
5143
5144 if (u->exported_invocation_id)
5145 return 0;
5146
5147 if (sd_id128_is_null(u->invocation_id))
5148 return 0;
5149
5150 p = strjoina("/run/systemd/units/invocation:", u->id);
5151 r = symlink_atomic(u->invocation_id_string, p);
5152 if (r < 0)
5153 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5154
5155 u->exported_invocation_id = true;
5156 return 0;
5157 }
5158
5159 static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5160 const char *p;
5161 char buf[2];
5162 int r;
5163
5164 assert(u);
5165 assert(c);
5166
5167 if (u->exported_log_level_max)
5168 return 0;
5169
5170 if (c->log_level_max < 0)
5171 return 0;
5172
5173 assert(c->log_level_max <= 7);
5174
5175 buf[0] = '0' + c->log_level_max;
5176 buf[1] = 0;
5177
5178 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5179 r = symlink_atomic(buf, p);
5180 if (r < 0)
5181 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5182
5183 u->exported_log_level_max = true;
5184 return 0;
5185 }
5186
5187 static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5188 _cleanup_close_ int fd = -1;
5189 struct iovec *iovec;
5190 const char *p;
5191 char *pattern;
5192 le64_t *sizes;
5193 ssize_t n;
5194 size_t i;
5195 int r;
5196
5197 if (u->exported_log_extra_fields)
5198 return 0;
5199
5200 if (c->n_log_extra_fields <= 0)
5201 return 0;
5202
5203 sizes = newa(le64_t, c->n_log_extra_fields);
5204 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5205
5206 for (i = 0; i < c->n_log_extra_fields; i++) {
5207 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5208
5209 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5210 iovec[i*2+1] = c->log_extra_fields[i];
5211 }
5212
5213 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5214 pattern = strjoina(p, ".XXXXXX");
5215
5216 fd = mkostemp_safe(pattern);
5217 if (fd < 0)
5218 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5219
5220 n = writev(fd, iovec, c->n_log_extra_fields*2);
5221 if (n < 0) {
5222 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5223 goto fail;
5224 }
5225
5226 (void) fchmod(fd, 0644);
5227
5228 if (rename(pattern, p) < 0) {
5229 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5230 goto fail;
5231 }
5232
5233 u->exported_log_extra_fields = true;
5234 return 0;
5235
5236 fail:
5237 (void) unlink(pattern);
5238 return r;
5239 }
5240
5241 void unit_export_state_files(Unit *u) {
5242 const ExecContext *c;
5243
5244 assert(u);
5245
5246 if (!u->id)
5247 return;
5248
5249 if (!MANAGER_IS_SYSTEM(u->manager))
5250 return;
5251
5252 if (u->manager->test_run_flags != 0)
5253 return;
5254
5255 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5256 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5257 * the IPC system itself and PID 1 also log to the journal.
5258 *
5259 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5260 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5261 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5262 * namespace at least.
5263 *
5264 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5265 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5266 * them with one. */
5267
5268 (void) unit_export_invocation_id(u);
5269
5270 c = unit_get_exec_context(u);
5271 if (c) {
5272 (void) unit_export_log_level_max(u, c);
5273 (void) unit_export_log_extra_fields(u, c);
5274 }
5275 }
5276
5277 void unit_unlink_state_files(Unit *u) {
5278 const char *p;
5279
5280 assert(u);
5281
5282 if (!u->id)
5283 return;
5284
5285 if (!MANAGER_IS_SYSTEM(u->manager))
5286 return;
5287
5288 /* Undoes the effect of unit_export_state() */
5289
5290 if (u->exported_invocation_id) {
5291 p = strjoina("/run/systemd/units/invocation:", u->id);
5292 (void) unlink(p);
5293
5294 u->exported_invocation_id = false;
5295 }
5296
5297 if (u->exported_log_level_max) {
5298 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5299 (void) unlink(p);
5300
5301 u->exported_log_level_max = false;
5302 }
5303
5304 if (u->exported_log_extra_fields) {
5305 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5306 (void) unlink(p);
5307
5308 u->exported_log_extra_fields = false;
5309 }
5310 }
5311
5312 int unit_prepare_exec(Unit *u) {
5313 int r;
5314
5315 assert(u);
5316
5317 /* Prepares everything so that we can fork of a process for this unit */
5318
5319 (void) unit_realize_cgroup(u);
5320
5321 if (u->reset_accounting) {
5322 (void) unit_reset_cpu_accounting(u);
5323 (void) unit_reset_ip_accounting(u);
5324 u->reset_accounting = false;
5325 }
5326
5327 unit_export_state_files(u);
5328
5329 r = unit_setup_exec_runtime(u);
5330 if (r < 0)
5331 return r;
5332
5333 r = unit_setup_dynamic_creds(u);
5334 if (r < 0)
5335 return r;
5336
5337 return 0;
5338 }
5339
5340 static void log_leftover(pid_t pid, int sig, void *userdata) {
5341 _cleanup_free_ char *comm = NULL;
5342
5343 (void) get_process_comm(pid, &comm);
5344
5345 if (comm && comm[0] == '(') /* Most likely our own helper process (PAM?), ignore */
5346 return;
5347
5348 log_unit_warning(userdata,
5349 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5350 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5351 pid, strna(comm));
5352 }
5353
5354 void unit_warn_leftover_processes(Unit *u) {
5355 assert(u);
5356
5357 (void) unit_pick_cgroup_path(u);
5358
5359 if (!u->cgroup_path)
5360 return;
5361
5362 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_leftover, u);
5363 }
5364
5365 bool unit_needs_console(Unit *u) {
5366 ExecContext *ec;
5367 UnitActiveState state;
5368
5369 assert(u);
5370
5371 state = unit_active_state(u);
5372
5373 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5374 return false;
5375
5376 if (UNIT_VTABLE(u)->needs_console)
5377 return UNIT_VTABLE(u)->needs_console(u);
5378
5379 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5380 ec = unit_get_exec_context(u);
5381 if (!ec)
5382 return false;
5383
5384 return exec_context_may_touch_console(ec);
5385 }
5386
5387 const char *unit_label_path(Unit *u) {
5388 const char *p;
5389
5390 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5391 * when validating access checks. */
5392
5393 p = u->source_path ?: u->fragment_path;
5394 if (!p)
5395 return NULL;
5396
5397 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5398 if (path_equal(p, "/dev/null"))
5399 return NULL;
5400
5401 return p;
5402 }
5403
5404 int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5405 int r;
5406
5407 assert(u);
5408
5409 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5410 * and not a kernel thread either */
5411
5412 /* First, a simple range check */
5413 if (!pid_is_valid(pid))
5414 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5415
5416 /* Some extra safety check */
5417 if (pid == 1 || pid == getpid_cached())
5418 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager processs, refusing.", pid);
5419
5420 /* Don't even begin to bother with kernel threads */
5421 r = is_kernel_thread(pid);
5422 if (r == -ESRCH)
5423 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5424 if (r < 0)
5425 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5426 if (r > 0)
5427 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5428
5429 return 0;
5430 }
5431
5432 static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5433 [COLLECT_INACTIVE] = "inactive",
5434 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5435 };
5436
5437 DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
Unnamed repository; edit this file 'description' to name the repository.